From a37d5bb29954abfdb03004357b3f611d5d3d4634 Mon Sep 17 00:00:00 2001
From: ZaydSkaff <m.skaff@syncrow.ae>
Date: Wed, 18 Jun 2025 12:05:53 +0300
Subject: [PATCH] task: add trust proxy header (#411)

* task: add trust proxy header

* add logging
---
 src/main.ts | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/src/main.ts b/src/main.ts
index d337a66..c9256ef 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,15 +1,14 @@
+import { RequestContextMiddleware } from '@app/common/middleware/request-context.middleware';
+import { SeederService } from '@app/common/seed/services/seeder.service';
+import { Logger, ValidationPipe } from '@nestjs/common';
 import { NestFactory } from '@nestjs/core';
-import { AppModule } from './app.module';
+import { json, urlencoded } from 'body-parser';
 import rateLimit from 'express-rate-limit';
 import helmet from 'helmet';
-import { setupSwaggerAuthentication } from '../libs/common/src/util/user-auth.swagger.utils';
-import { ValidationPipe } from '@nestjs/common';
-import { json, urlencoded } from 'body-parser';
-import { SeederService } from '@app/common/seed/services/seeder.service';
-import { HttpExceptionFilter } from './common/filters/http-exception/http-exception.filter';
-import { Logger } from '@nestjs/common';
 import { WINSTON_MODULE_NEST_PROVIDER } from 'nest-winston';
-import { RequestContextMiddleware } from '@app/common/middleware/request-context.middleware';
+import { setupSwaggerAuthentication } from '../libs/common/src/util/user-auth.swagger.utils';
+import { AppModule } from './app.module';
+import { HttpExceptionFilter } from './common/filters/http-exception/http-exception.filter';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
@@ -27,9 +26,18 @@ async function bootstrap() {
     rateLimit({
       windowMs: 5 * 60 * 1000,
       max: 500,
+      standardHeaders: true,
+      legacyHeaders: false,
     }),
   );
 
+  app.use((req, res, next) => {
+    console.log('Real IP:', req.ip);
+    next();
+  });
+
+  app.getHttpAdapter().getInstance().set('trust proxy', 1);
+
   app.use(
     helmet({
       contentSecurityPolicy: false,