From a37d5bb29954abfdb03004357b3f611d5d3d4634 Mon Sep 17 00:00:00 2001 From: ZaydSkaff Date: Wed, 18 Jun 2025 12:05:53 +0300 Subject: [PATCH] task: add trust proxy header (#411) * task: add trust proxy header * add logging --- src/main.ts | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/src/main.ts b/src/main.ts index d337a66..c9256ef 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,15 +1,14 @@ +import { RequestContextMiddleware } from '@app/common/middleware/request-context.middleware'; +import { SeederService } from '@app/common/seed/services/seeder.service'; +import { Logger, ValidationPipe } from '@nestjs/common'; import { NestFactory } from '@nestjs/core'; -import { AppModule } from './app.module'; +import { json, urlencoded } from 'body-parser'; import rateLimit from 'express-rate-limit'; import helmet from 'helmet'; -import { setupSwaggerAuthentication } from '../libs/common/src/util/user-auth.swagger.utils'; -import { ValidationPipe } from '@nestjs/common'; -import { json, urlencoded } from 'body-parser'; -import { SeederService } from '@app/common/seed/services/seeder.service'; -import { HttpExceptionFilter } from './common/filters/http-exception/http-exception.filter'; -import { Logger } from '@nestjs/common'; import { WINSTON_MODULE_NEST_PROVIDER } from 'nest-winston'; -import { RequestContextMiddleware } from '@app/common/middleware/request-context.middleware'; +import { setupSwaggerAuthentication } from '../libs/common/src/util/user-auth.swagger.utils'; +import { AppModule } from './app.module'; +import { HttpExceptionFilter } from './common/filters/http-exception/http-exception.filter'; async function bootstrap() { const app = await NestFactory.create(AppModule); @@ -27,9 +26,18 @@ async function bootstrap() { rateLimit({ windowMs: 5 * 60 * 1000, max: 500, + standardHeaders: true, + legacyHeaders: false, }), ); + app.use((req, res, next) => { + console.log('Real IP:', req.ip); + next(); + }); + + app.getHttpAdapter().getInstance().set('trust proxy', 1); + app.use( helmet({ contentSecurityPolicy: false,