Token-handler now uses HTTP headers to know the true origin IP address.

2024-03-14 23:19:15 +01:00 · 2024-03-14 23:19:15 +01:00 · 611765d45d
commit 611765d45d
parent 76244e6fe7
1 changed files with 2 additions and 7 deletions
--- a/tools/token-handler.cr
+++ b/tools/token-handler.cr
@ -13,13 +13,8 @@ dnsmanagerd = DNSManager::Client.new
 #dnsmanagerd.login login, pass

 server = HTTP::Server.new do |context|
-	pp! context.request.remote_address
-	ip = case remote = context.request.remote_address
-	when Socket::IPAddress
-		remote.address
-	else
-		""
-	end
+	pp! context.request.headers["Host"]
+	ip = context.request.headers["Host"] rescue next

 	case context.request.path
 	when /^\/token-update\/(?<token>[a-z0-9-]+)/