From e58d2d4831675e551e89f036f59c6f352ef902c2 Mon Sep 17 00:00:00 2001 From: ZaydSkaff Date: Tue, 24 Jun 2025 14:56:02 +0300 Subject: [PATCH] Test/prevent server block on rate limit (#432) --- src/app.module.ts | 8 +++++++- src/main.ts | 12 ------------ 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/src/app.module.ts b/src/app.module.ts index 2401b0c..712531f 100644 --- a/src/app.module.ts +++ b/src/app.module.ts @@ -37,6 +37,7 @@ import { VisitorPasswordModule } from './vistor-password/visitor-password.module import { ThrottlerGuard } from '@nestjs/throttler'; import { ThrottlerModule } from '@nestjs/throttler/dist/throttler.module'; +import { isArray } from 'class-validator'; import { winstonLoggerOptions } from '../libs/common/src/logger/services/winston.logger'; import { AqiModule } from './aqi/aqi.module'; import { OccupancyModule } from './occupancy/occupancy.module'; @@ -50,7 +51,12 @@ import { WeatherModule } from './weather/weather.module'; throttlers: [{ ttl: 60000, limit: 30 }], generateKey: (context) => { const req = context.switchToHttp().getRequest(); - return req.headers['x-forwarded-for'] || req.ip; + console.log('Real IP:', req.headers['x-forwarded-for']); + return req.headers['x-forwarded-for'] + ? isArray(req.headers['x-forwarded-for']) + ? req.headers['x-forwarded-for'][0].split(':')[0] + : req.headers['x-forwarded-for'].split(':')[0] + : req.ip; }, }), WinstonModule.forRoot(winstonLoggerOptions), diff --git a/src/main.ts b/src/main.ts index 67edc11..28b546f 100644 --- a/src/main.ts +++ b/src/main.ts @@ -21,18 +21,6 @@ async function bootstrap() { app.use(new RequestContextMiddleware().use); - app.use((req, res, next) => { - console.log( - 'Real IP:', - req.ip, - req.headers['x-forwarded-for'], - req.connection.remoteAddress, - ); - next(); - }); - - // app.getHttpAdapter().getInstance().set('trust proxy', 1); - app.use( helmet({ contentSecurityPolicy: false,