Skip to content

Commit

Permalink
fix(auth-nest-tools): Use x-forwarded-for in audit logs (#6166)
Browse files Browse the repository at this point in the history
Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
dabbeg and kodiakhq[bot] authored Jan 10, 2022
1 parent 026f7d6 commit 9c010ae
Showing 4 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion libs/auth-nest-tools/src/lib/auth.middleware.ts
Original file line number Diff line number Diff line change
@@ -64,7 +64,7 @@ export class AuthMiddleware implements Middleware {
if (this.options.forwardUserInfo) {
context.init.headers = Object.assign({}, context.init.headers, {
'User-Agent': this.auth.userAgent,
'X-Real-IP': this.auth.ip,
'X-Forwarded-For': this.auth.ip,
})
}
}
4 changes: 2 additions & 2 deletions libs/auth-nest-tools/src/lib/jwt.strategy.spec.ts
Original file line number Diff line number Diff line change
@@ -85,7 +85,7 @@ describe('JwtStrategy#validate', () => {
headers: {
authorization: 'authorization',
'user-agent': 'test user agent',
'x-real-ip': '2.2.2.2',
'x-forwarded-for': '2.2.2.2, 3.3.3.3',
},
ip: '1.1.1.1',
} as unknown) as Request
@@ -98,7 +98,7 @@ describe('JwtStrategy#validate', () => {
expect(user.scope).toEqual(payload.scope)
expect(user.client).toEqual(payload.client_id)
expect(user.authorization).toEqual(request.headers.authorization)
expect(user.ip).toEqual(request.headers['x-real-ip'])
expect(user.ip).toEqual(request.headers['x-forwarded-for'])
expect(user.userAgent).toEqual(request.headers['user-agent'])
expect(user.actor!.nationalId).toEqual(payload.act!.nationalId)
expect(user.actor!.scope).toEqual(payload.act!.scope)
2 changes: 1 addition & 1 deletion libs/auth-nest-tools/src/lib/jwt.strategy.ts
Original file line number Diff line number Diff line change
@@ -54,7 +54,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
nationalId: actor.nationalId,
scope: this.parseScopes(actor.scope),
},
ip: String(request.headers['x-real-ip']) ?? request.ip,
ip: String(request.headers['x-forwarded-for'] ?? request.ip),
userAgent: request.headers['user-agent'],
}
}
2 changes: 1 addition & 1 deletion libs/clients/middlewares/src/lib/withAuth.ts
Original file line number Diff line number Diff line change
@@ -21,7 +21,7 @@ export const withAuth = ({
headers.set('user-agent', auth.userAgent)
}
if (forwardAuthUserAgent && auth.ip) {
headers.set('x-real-ip', auth.ip)
headers.set('x-forwarded-for', auth.ip)
}
return fetch(input, { ...init, headers })
}

0 comments on commit 9c010ae

Please sign in to comment.