diff mod_register_web/mod_register_web.lua @ 3724:1c3c7d73c5a6

mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian) mod_http since Prosody 0.11 will process the `X-Forwarded-For` header and store the result in `request.ip`.
author Kim Alvefur <zash@zash.se>
date Fri, 01 Nov 2019 17:15:29 +0100
parents f9a93d7b6c50
children 19e43b7a969d
line wrap: on
line diff
--- a/mod_register_web/mod_register_web.lua	Fri Nov 01 14:08:10 2019 +0100
+++ b/mod_register_web/mod_register_web.lua	Fri Nov 01 17:15:29 2019 +0100
@@ -39,6 +39,8 @@
 local register_tpl = get_template "register";
 local success_tpl = get_template "success";
 
+-- COMPAT `or request.conn:ip()`
+
 if next(captcha_options) ~= nil then
 	local recaptcha_tpl = get_template "recaptcha";
 
@@ -57,7 +59,7 @@
 		http.request("https://www.google.com/recaptcha/api/siteverify", {
 			body = http.formencode {
 				secret = captcha_options.recaptcha_private_key;
-				remoteip = request.conn:ip();
+				remoteip = request.ip or request.conn:ip();
 				response = form["g-recaptcha-response"];
 			};
 		}, function (verify_result, code)
@@ -137,7 +139,7 @@
 	if usermanager.user_exists(prepped_username, module.host) then
 		return nil, "Username already taken";
 	end
-	local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.conn:ip(), allowed = true }
+	local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.ip or origin.conn:ip(), allowed = true }
 	module:fire_event("user-registering", registering);
 	if not registering.allowed then
 		return nil, registering.reason or "Registration not allowed";
@@ -162,7 +164,7 @@
 			username = prepped_username,
 			host = module.host,
 			source = module.name,
-			ip = origin.conn:ip(),
+			ip = origin.ip or origin.conn:ip(),
 		});
 	end
 	return jid, err;