ok its time to actually get their IP. it only works in reverse proxy.

Signed-off-by: Odyssey346 <odyssey346@disroot.org>
2022-07-28 11:21:25 +02:00 · 2022-07-28 11:21:25 +02:00 · d1a0d01a5e
commit d1a0d01a5e
parent 19c8432a40
2 changed files with 20 additions and 4 deletions
--- a/api/form.go
+++ b/api/form.go
@ -12,6 +12,8 @@ import (

 	"net/url"
 	"io"
+
+    "github.com/ProjectSegfault/segfautilities/otherthings"
 )

 var (
@ -29,7 +31,6 @@ func Form() {
 	http.HandleFunc("/api/form", client.HandlerFunc(theActualFormCode))

 	http.HandleFunc("/form", renderTestForm)
-
 }

 func theActualFormCode(w http.ResponseWriter, r *http.Request) {
@ -40,7 +41,7 @@ func theActualFormCode(w http.ResponseWriter, r *http.Request) {
 				w.WriteHeader(http.StatusUnauthorized)
 				fmt.Fprint(w, "Seems like captcha failed, you didn't complete the captcha or you are a bot. Please try again.\nPlease note that your IP has been logged in our systems for manual review to check if you're an abusive user. If you're seen as abusive, you will be blacklisted.")
 				postData := url.Values{
-					"content": {"IP " + r.RemoteAddr + "failed captcha! [AbuseIPDB](https://abuseipdb.com/check/" + r.RemoteAddr},
+					"content": {"IP " + otherthings.GetUserIP(r) + "failed captcha! [AbuseIPDB](https://abuseipdb.com/check/" + otherthings.GetUserIP(r) + ")"},
 				}
 				req, err := http.PostForm(webhookURL, postData)
 				if err != nil {
@ -51,7 +52,7 @@ func theActualFormCode(w http.ResponseWriter, r *http.Request) {
 			} else {
 				fmt.Fprintf(w, "Thanks for your message, and thanks for doing the captcha!\n%#+v", hcaptchaResp)
 				postData := url.Values{
-					"content": {"IP " + r.RemoteAddr + "\nFrom " + r.FormValue("email") + " with feedback type " + r.FormValue("commentType") + ":\n" + "**" + r.FormValue("message") + "**"},
+					"content": {"IP " + otherthings.GetUserIP(r) + "\nFrom " + r.FormValue("email") + " with feedback type " + r.FormValue("commentType") + ":\n" + "**" + r.FormValue("message") + "**"},
 				}
 				req, err := http.PostForm(webhookURL, postData)
 				if err != nil {
@ -63,7 +64,7 @@ func theActualFormCode(w http.ResponseWriter, r *http.Request) {
 		default:
 			http.Error(w, "Method isn't allowed!\nYou may only POST here, not " + r.Method, http.StatusMethodNotAllowed)
 		}
-		log.Println("[HTTP] " + r.RemoteAddr + " accessed /api/form with method " + r.Method)
+		log.Println("[HTTP] " + otherthings.GetUserIP(r) + " accessed /api/form with method " + r.Method)
 }

 func renderTestForm(w http.ResponseWriter, r *http.Request) {
--- a/otherthings/getip.go
+++ b/otherthings/getip.go
@ -0,0 +1,15 @@
+package otherthings
+
+import (
+	"net/http"
+)
+
+// Thanks random StackOverflow answerer
+
+func GetUserIP(r *http.Request) string {
+    IPAddress := r.Header.Get("X-REAL-IP")
+    if IPAddress == "" {
+        IPAddress = r.Header.Get("X-FORWARDED-FOR")
+    }
+    return IPAddress
+}