From 5a030332557b6a2f1e5ad5a2509e7d28c4a7256f Mon Sep 17 00:00:00 2001
From: Raphael Michel
Date: Tue, 9 Jul 2019 16:13:12 +0200
Subject: [PATCH] Add utility to get IP address
---
 doc/admin/config.rst | 5 +++++
 src/pretix/helpers/http.py | 10 ++++++++++
 src/pretix/settings.py | 2 ++
 3 files changed, 17 insertions(+)
diff --git a/doc/admin/config.rst b/doc/admin/config.rst
index 46bc1bf4a..a49b0113f 100644
--- a/doc/admin/config.rst
+++ b/doc/admin/config.rst
@@ -82,6 +82,11 @@ Example::
 Enables or disables obligatory usage of Two-Factor Authentication for users of the pretix backend. Defaults to ``False``
+``trust_x_forwarded_for``
+ Specifies whether the ``X-Forwarded-For`` header can be trusted. Only set to ``on`` if you have a reverse
+ proxy that actively removes and re-adds the header to make sure the correct client IP is the first value.
+ Defaults to ``off``.
+
 Locale settings
 ---------------
diff --git a/src/pretix/helpers/http.py b/src/pretix/helpers/http.py
index d1471080a..af14a122e 100644
--- a/src/pretix/helpers/http.py
+++ b/src/pretix/helpers/http.py
@@ -1,3 +1,4 @@
+from django.conf import settings
 from django.http import StreamingHttpResponse
@@ -9,3 +10,12 @@ class ChunkBasedFileResponse(StreamingHttpResponse):
 streaming_content = streaming_content.chunks(self.block_size)
 super().__init__(streaming_content, *args, **kwargs)
 self['Content-Length'] = filelike.size
+
+
+def get_client_ip(request):
+ ip = request.META.get('REMOTE_ADDR')
+ if settings.TRUST_X_FORWARDED_FOR:
+ x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+ if x_forwarded_for:
+ ip = x_forwarded_for.split(',')[0]
+ return ip
diff --git a/src/pretix/settings.py b/src/pretix/settings.py
index 2393691b0..930d84bda 100644
--- a/src/pretix/settings.py
+++ b/src/pretix/settings.py
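Review bot: In `get_client_ip` (second hunk of src/pretix/helpers/http.py), the value returned when `TRUST_X_FORWARDED_FOR` is on is whatever precedes the first comma of the header, taken verbatim: it is not stripped and never checked to be an IP address. If the reverse proxy appends to the header instead of overwriting it, or passes it through unchanged, that string is client-controlled and reaches callers as the client address, which matters wherever it is logged, stored or used as a rate-limit key. I would parse the candidate with `ipaddress.ip_address` (this needs `import ipaddress` at the top of the file) and keep `REMOTE_ADDR` when it does not parse. A short docstring stating that the leftmost entry is only meaningful behind a proxy that replaces the header would also help callers.

```python
        if x_forwarded_for:
            # Leftmost entry is the client only if the proxy overwrites the header.
            candidate = x_forwarded_for.split(',')[0].strip()
            try:
                ipaddress.ip_address(candidate)
            except ValueError:
                pass  # not an address: keep REMOTE_ADDR
            else:
                ip = candidate
    return ip
```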
@@ -130,6 +130,8 @@ if SITE_URL.endswith('/'):
 CSRF_TRUSTED_ORIGINS = [urlparse(SITE_URL).hostname]
+TRUST_X_FORWARDED_FOR = config.get('pretix', 'trust_x_forwarded_for', fallback=False)
+
 PRETIX_PLUGINS_DEFAULT = config.get('pretix', 'plugins_default', fallback='pretix.plugins.sendmail,pretix.plugins.statistics,pretix.plugins.checkinlists')
 PRETIX_PLUGINS_EXCLUDE = config.get('pretix', 'plugins_exclude', fallback='').split(',')
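Review bot: `config.get(..., fallback=False)` on the added `TRUST_X_FORWARDED_FOR` line returns the raw option string whenever the key is present, so an explicit `trust_x_forwarded_for=off` would yield the truthy string `'off'`. This assumes `config` is a configparser object; it is defined outside this hunk, but the `fallback=` keyword suggests it. `get_client_ip` in src/pretix/helpers/http.py tests the setting with a plain `if`, so the header would be trusted exactly when an administrator wrote the documented `off` value. Parse it as a boolean instead: `TRUST_X_FORWARDED_FOR = config.getboolean('pretix', 'trust_x_forwarded_for', fallback=False)`.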