From 69b77531e328ddf73cd65e171d8d98fc3134731c Mon Sep 17 00:00:00 2001 From: dholms Date: Mon, 11 Sep 2023 16:24:25 -0500 Subject: [PATCH] get rate limit ip correctly --- packages/pds/src/index.ts | 1 + packages/xrpc-server/src/index.ts | 2 +- packages/xrpc-server/src/rate-limiter.ts | 3 +-- packages/xrpc-server/src/util.ts | 4 ---- 4 files changed, 3 insertions(+), 7 deletions(-) diff --git a/packages/pds/src/index.ts b/packages/pds/src/index.ts index 32abb30056d..dc7e36b8d62 100644 --- a/packages/pds/src/index.ts +++ b/packages/pds/src/index.ts @@ -137,6 +137,7 @@ export class PDS { ) const app = express() + app.set('trust proxy', true) app.use(cors()) app.use(loggerMiddleware) app.use(compression()) diff --git a/packages/xrpc-server/src/index.ts b/packages/xrpc-server/src/index.ts index 6bc4147cb44..1458d2ba070 100644 --- a/packages/xrpc-server/src/index.ts +++ b/packages/xrpc-server/src/index.ts @@ -5,4 +5,4 @@ export * from './stream' export * from './rate-limiter' export type { ServerTiming } from './util' -export { getReqIp, serverTimingHeader, ServerTimer } from './util' +export { serverTimingHeader, ServerTimer } from './util' diff --git a/packages/xrpc-server/src/rate-limiter.ts b/packages/xrpc-server/src/rate-limiter.ts index e650ec599ba..55d54cfe726 100644 --- a/packages/xrpc-server/src/rate-limiter.ts +++ b/packages/xrpc-server/src/rate-limiter.ts @@ -14,7 +14,6 @@ import { RateLimiterStatus, XRPCReqContext, } from './types' -import { getReqIp } from './util' export type RateLimiterOpts = { keyPrefix: string @@ -155,5 +154,5 @@ export const getTightestLimit = ( return lowest } -const defaultKey: CalcKeyFn = (ctx: XRPCReqContext) => getReqIp(ctx.req) +const defaultKey: CalcKeyFn = (ctx: XRPCReqContext) => ctx.req.ip const defaultPoints: CalcPointsFn = () => 1 diff --git a/packages/xrpc-server/src/util.ts b/packages/xrpc-server/src/util.ts index 813587382ba..730db950fbd 100644 --- a/packages/xrpc-server/src/util.ts +++ b/packages/xrpc-server/src/util.ts @@ -268,10 +268,6 @@ function decodeBodyStream( return stream } -export const getReqIp = (req: express.Request): string => { - return req.ips.at(-1) ?? req.ip -} - export function serverTimingHeader(timings: ServerTiming[]) { return timings .map((timing) => {