serega404/SfeduSchedule
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Добавил X Forwarded Proto
All checks were successful
Create and publish a Docker image / Publish image (push) Successful in 4m7s
Details

Browse Source
This commit is contained in:
Sergey Karmanov
2025-09-06 22:27:32 +03:00
parent ea254c1c02
commit bb2e6a24d7
3 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
SfeduSchedule/Program.cs
View File

@@ -5,6 +5,7 @@ using SfeduSchedule;
using SfeduSchedule.Jobs; using SfeduSchedule.Jobs;
using SfeduSchedule.Services; using SfeduSchedule.Services;
using X.Extensions.Logging.Telegram.Extensions; using X.Extensions.Logging.Telegram.Extensions;
using Microsoft.AspNetCore.HttpOverrides;
var builder = WebApplication.CreateBuilder(args); var builder = WebApplication.CreateBuilder(args);
@@ -76,7 +77,9 @@ builder.Services.AddRateLimiter(options =>
{ {
options.AddPolicy("throttle", httpContext => options.AddPolicy("throttle", httpContext =>
RateLimitPartition.GetFixedWindowLimiter( RateLimitPartition.GetFixedWindowLimiter(
partitionKey: httpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown", partitionKey: (httpContext.Request.Headers.TryGetValue("X-Forwarded-For", out var xff) && !string.IsNullOrWhiteSpace(xff.ToString()))
? xff.ToString().Split(',')[0].Trim()
: (httpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown"),
factory: _ => new FixedWindowRateLimiterOptions factory: _ => new FixedWindowRateLimiterOptions
{ {
PermitLimit = 20, PermitLimit = 20,
@@ -92,11 +95,21 @@ builder.Services.AddRateLimiter(options =>
cancellationToken); cancellationToken);
var reqLogger = context.HttpContext.RequestServices.GetRequiredService<ILogger<Program>>(); var reqLogger = context.HttpContext.RequestServices.GetRequiredService<ILogger<Program>>();
reqLogger.LogWarning("Rate limit exceeded for IP: {IpAddress}", var clientIp = (context.HttpContext.Request.Headers.TryGetValue("X-Forwarded-For", out var xff) && !string.IsNullOrWhiteSpace(xff.ToString()))
context.HttpContext.Connection.RemoteIpAddress); ? xff.ToString().Split(',')[0].Trim()
: context.HttpContext.Connection.RemoteIpAddress?.ToString();
reqLogger.LogWarning("Rate limit exceeded for IP: {IpAddress}", clientIp);
}; };
}); });
builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor |
ForwardedHeaders.XForwardedProto;
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
var app = builder.Build(); var app = builder.Build();
var logger = app.Services.GetRequiredService<ILogger<Program>>(); var logger = app.Services.GetRequiredService<ILogger<Program>>();

1
docker-compose-prod.yml
View File

@@ -4,6 +4,7 @@ services:
- '8088:8080' - '8088:8080'
container_name: SfeduSchedule container_name: SfeduSchedule
environment: environment:
- ASPNETCORE_FORWARDEDHEADERS_ENABLED=true
- AzureAd:Instance=https://login.microsoftonline.com/ - AzureAd:Instance=https://login.microsoftonline.com/
- AzureAd:TenantId=sfedu.ru - AzureAd:TenantId=sfedu.ru
- AzureAd:ClientId= - AzureAd:ClientId=

1
docker-compose-test.yml
View File

@@ -4,6 +4,7 @@ services:
- '8088:8080' - '8088:8080'
container_name: SfeduSchedule container_name: SfeduSchedule
environment: environment:
- ASPNETCORE_FORWARDEDHEADERS_ENABLED=true
- AzureAd:Instance=https://login.microsoftonline.com/ - AzureAd:Instance=https://login.microsoftonline.com/
- AzureAd:TenantId=sfedu.ru - AzureAd:TenantId=sfedu.ru
- AzureAd:ClientId= - AzureAd:ClientId=