Railway•9mo ago

IP address of caller

I need to put some security based on the IP address of the client calling an API. Is there a way I can know the original IP address of the caller from the request?

Solution:

trust the X-Forwarded-For header https://utilities.up.railway.app/raw...

Jump to solution

60 Replies

Percy•9mo ago

Project ID: d1c85c02-8ca5-43c3-adc6-4a24cb066e33

macwilko•9mo ago

d1c85c02-8ca5-43c3-adc6-4a24cb066e33

Solution

Brody•9mo ago

trust the X-Forwarded-For header https://utilities.up.railway.app/raw

macwilko•9mo ago

sweet thx brody

macwilko•9mo ago

adding this. Ruby Rails headers have HTTP_ prefix before the header

Brody•9mo ago

you should split that header value by , and use the first value https://utilities.overr.net/raw

macwilko•9mo ago

oh damn good spot thanks!

Brody•9mo ago

theres probably a middleware that would do all this for you

macwilko•9mo ago

my quick and dirty sneaky

Brody•9mo ago

that would just return the original string if there is no comma right?

macwilko•9mo ago

Brody•9mo ago

perfect 👌

macwilko•9mo ago

yeah ruby is nice like that super forgiving language lets you do bad stuff though 😉

Brody•9mo ago

macwilko•9mo ago

i did not expect that of Go!

Brody•9mo ago

why not!? 😭 you can do that in almost every language

macwilko•9mo ago

idk, i think some languages crash if you do [][0] there's no items in that array ruby is fine, it says, whatever man, nil peace what happens if the string is "" in this Go code?

Ashwin•9mo ago

Off topic but what are you using for these screenshots? They're stunning

macwilko•9mo ago

Xnapper! But I think a railway member (fp) has made an open source clone

Ashwin•9mo ago

Awesome, thank you :D Do you by any chance have a link to the open source clone?

macwilko•9mo ago

@Vin sorry to tag you here, but do you know?

MantisInABox•9mo ago

Yeah, the source for FPs project is here https://github.com/FarazPatankar/snip-snap/

GitHub

GitHub - FarazPatankar/snip-snap: A simple but powerful tool to mak...

A simple but powerful tool to make your screenshots prettier. - GitHub - FarazPatankar/snip-snap: A simple but powerful tool to make your screenshots prettier.

Brody•9mo ago

it returns a slice with "" then selecting the zeroth index from that slice will just return an empty string value

MantisInABox•9mo ago

Go is extremely forgiving, but the code analyzers and compiler prevent you from doing stupid things

macwilko•9mo ago

that's really nice 🙂

MantisInABox•9mo ago

That's one of the reasons why I have been using Go for literally everything lately... Prevents me from doing the normal stupid things I tend to do

Brody•9mo ago

https://github.com/brody192/gorilla-mux-template/blob/main/internal/middleware/trustproxy.go#L140-L151 🙂

MantisInABox•9mo ago

Such good code Brody

Brody•9mo ago

in my head that sounds like sarcasm

macwilko•9mo ago

hehe

MantisInABox•9mo ago

Nope. It was sincere... You have seen my code... I still manage to do a lot of bad things with Go

Brody•9mo ago

aws shucks, thanks 🙂

macwilko•9mo ago

tbh if I ever do a re-write, I'de sincerely consider Go again

Brody•9mo ago

though now that im looking at it, why didnt i just do this

func getRealIP(headers http.Header) string {
    for _, proxyHeader := range proxyIPHeaders {
        if value := headers.Get(proxyHeader); value != "" {
            return strings.SplitN(value, ",", 2)[0]
        }
    }
}

func getRealIP(headers http.Header) string {
    for _, proxyHeader := range proxyIPHeaders {
        if value := headers.Get(proxyHeader); value != "" {
            return strings.SplitN(value, ",", 2)[0]
        }
    }
}

macwilko•9mo ago

i think one of the pains i had was GORM kinda sucked

Brody•9mo ago

gorm does suck

macwilko•9mo ago

idk if there's better alterntatives now

Brody•9mo ago

there is

macwilko•9mo ago

MantisInABox•9mo ago

Gorm is so good though

macwilko•9mo ago

that's good i mean back when I used GORM it didn't even have good migration files it just auto migrated everything

Brody•9mo ago

good times

macwilko•9mo ago

but yeah now all my slow areas of code are to do with the damn database layer being slow >.< ActiveRecord is also very bloated

MantisInABox•9mo ago

ActiveRecord hurts my soul

macwilko•9mo ago

oh well, future self problem >.<

Ashwin•9mo ago

Thank you so much!!

macwilko•9mo ago

https://youtu.be/dbXgs-aQ7cE?si=UbvycHF3fhN0YUMc

ThePrimeTime

YouTube

Golang Is Poorly Designed | Prime Reacts

Recorded live on twitch, GET IN https://twitch.tv/ThePrimeagen Reviewed article: https://medium.com/@paul.folbrecht/golang-is-a-poorly-designed-language-c1361b49e82#:~:text=Even%20the%20smart%20Go%20promoters,make%20specific%20things%20%E2%80%9Ceasier.%E2%80%9D Author: Paul Folbrecht | https://medium.com/@paul.folbrecht MY MAIN YT CHANNEL: H...

Brody•9mo ago

I don't like him

macwilko•9mo ago

This episode I think you’ll like

Brody•9mo ago

I don't think I will go is perfect

macwilko•9mo ago

Go watch it (when you have time)

Brody•9mo ago

how long is it

macwilko•9mo ago

25 mins

MantisInABox•9mo ago

That's about 24 minutes too long for Brody! 🤣 If it isn't Fireship something in 100 seconds, its too long

Brody•9mo ago

oh hell no, fireships 100 second videos are already pushing the limits of my attention span

macwilko•9mo ago

🧠

Brody•9mo ago

is there a brain emoji that doesn't have wrinkles?

macwilko•9mo ago

You got the reference 🫶🤣

Gaming

Programming

IP address of caller