updated to use settings

updated handler/SocketIORouter.js to use new setting updated hooks/express.js to use new setting updated utils/Settings.js to accept new setting updated settings.json.template so new setting is present
2013-04-24 12:19:41 +02:00 · 2013-04-24 12:19:41 +02:00 · fb0bc31056
parent 6ea5efbcc3
commit fb0bc31056
4 changed files with 20 additions and 7 deletions
--- a/settings.json.template
+++ b/settings.json.template
@ -78,7 +78,10 @@

  /* Require authorization by a module, or a user with is_admin set, see below. */
  "requireAuthorization": false,
-
+  
+  /*when you use NginX or another proxy/ load-balancer set this to true*/
+  "trustProxy": false,
+  
  /* Users for basic authentication. is_admin = true gives access to /admin.
     If you do not uncomment this, /admin will not be available! */
  /*
--- a/src/node/handler/SocketIORouter.js
+++ b/src/node/handler/SocketIORouter.js
@ -23,6 +23,7 @@ var ERR = require("async-stacktrace");
 var log4js = require('log4js');
 var messageLogger = log4js.getLogger("message");
 var securityManager = require("../db/SecurityManager");
+var settings = require('../utils/Settings');

 /**
 * Saves all components
@ -55,12 +56,12 @@ exports.setSocketIO = function(_socket)
  
  socket.sockets.on('connection', function(client)
  {
-    if(client.handshake.headers['x-forwarded-for'] === undefined){
-      client.set('remoteAddress', client.handshake.address.address);
-    }
-    else{
-      client.set('remoteAddress', client.handshake.headers['x-forwarded-for']);
-    }
+    if(settings.trustProxy && client.handshake.headers['x-forwarded-for'] !== undefined){
+	  	client.set('remoteAddress', client.handshake.headers['x-forwarded-for']);
+  	}
+  	else{
+  		client.set('remoteAddress', client.handshake.address.address);
+  	}
    var clientAuthorized = false;
    
    //wrap the original send function to log the messages
--- a/src/node/hooks/express.js
+++ b/src/node/hooks/express.js
@ -75,6 +75,10 @@ exports.restartServer = function () {
    next();
  });

+  if(settings.trustProxy){
+    app.enable('trust proxy');
+  }
+  
  app.configure(function() {
    hooks.callAll("expressConfigure", {"app": app});
  });
--- a/src/node/utils/Settings.js
+++ b/src/node/utils/Settings.js
@ -119,6 +119,11 @@ exports.logconfig = { appenders: [{ type: "console" }]};
 */
 exports.sessionKey = false;

+/*
+* Trust Proxy, whether or not trust the x-forwarded-for header.
+*/
+exports.trustProxy = false;
+
 /* This setting is used if you need authentication and/or
 * authorization. Note: /admin always requires authentication, and
 * either authorization by a module, or a user with is_admin set */