From 3b656e05a2580de359f394381d2f5f0970285e8e Mon Sep 17 00:00:00 2001 From: Qstick Date: Fri, 2 Oct 2020 23:02:42 -0400 Subject: [PATCH] Added UserAgent to api request trace log Co-Authored-By: Taloth Signed-off-by: Robin Dadswell --- .../Authentication/AuthenticationService.cs | 10 ++-- .../Pipelines/RequestLoggingPipeline.cs | 16 ++++++- .../Extensions/RequestExtensions.cs | 46 +++++++++++++++++++ 3 files changed, 65 insertions(+), 7 deletions(-) diff --git a/src/Readarr.Http/Authentication/AuthenticationService.cs b/src/Readarr.Http/Authentication/AuthenticationService.cs index 7405427c8..ea580d3df 100644 --- a/src/Readarr.Http/Authentication/AuthenticationService.cs +++ b/src/Readarr.Http/Authentication/AuthenticationService.cs @@ -208,27 +208,27 @@ namespace Readarr.Http.Authentication public void LogUnauthorized(NancyContext context) { - _authLogger.Info("Auth-Unauthorized ip {0} url '{1}'", context.Request.UserHostAddress, context.Request.Url.ToString()); + _authLogger.Info("Auth-Unauthorized ip {0} url '{1}'", context.GetRemoteIP(), context.Request.Url.ToString()); } private void LogInvalidated(NancyContext context) { - _authLogger.Info("Auth-Invalidated ip {0}", context.Request.UserHostAddress); + _authLogger.Info("Auth-Invalidated ip {0}", context.GetRemoteIP()); } private void LogFailure(NancyContext context, string username) { - _authLogger.Warn("Auth-Failure ip {0} username '{1}'", context.Request.UserHostAddress, username); + _authLogger.Warn("Auth-Failure ip {0} username '{1}'", context.GetRemoteIP(), username); } private void LogSuccess(NancyContext context, string username) { - _authLogger.Info("Auth-Success ip {0} username '{1}'", context.Request.UserHostAddress, username); + _authLogger.Info("Auth-Success ip {0} username '{1}'", context.GetRemoteIP(), username); } private void LogLogout(NancyContext context, string username) { - _authLogger.Info("Auth-Logout ip {0} username '{1}'", context.Request.UserHostAddress, username); + _authLogger.Info("Auth-Logout ip {0} username '{1}'", context.GetRemoteIP(), username); } } } diff --git a/src/Readarr.Http/Extensions/Pipelines/RequestLoggingPipeline.cs b/src/Readarr.Http/Extensions/Pipelines/RequestLoggingPipeline.cs index 484d73e50..2d341d834 100644 --- a/src/Readarr.Http/Extensions/Pipelines/RequestLoggingPipeline.cs +++ b/src/Readarr.Http/Extensions/Pipelines/RequestLoggingPipeline.cs @@ -1,4 +1,4 @@ -using System; +using System; using System.Threading; using Nancy; using Nancy.Bootstrapper; @@ -42,7 +42,7 @@ namespace NzbDrone.Api.Extensions.Pipelines var reqPath = GetRequestPathAndQuery(context.Request); - _loggerHttp.Trace("Req: {0} [{1}] {2}", id, context.Request.Method, reqPath); + _loggerHttp.Trace("Req: {0} [{1}] {2} (from {3})", id, context.Request.Method, reqPath, GetOrigin(context)); return null; } @@ -89,5 +89,17 @@ namespace NzbDrone.Api.Extensions.Pipelines return request.Url.Path; } } + + private static string GetOrigin(NancyContext context) + { + if (context.Request.Headers.UserAgent.IsNullOrWhiteSpace()) + { + return context.GetRemoteIP(); + } + else + { + return $"{context.GetRemoteIP()} {context.Request.Headers.UserAgent}"; + } + } } } diff --git a/src/Readarr.Http/Extensions/RequestExtensions.cs b/src/Readarr.Http/Extensions/RequestExtensions.cs index a82b2c133..8b2cc5a95 100644 --- a/src/Readarr.Http/Extensions/RequestExtensions.cs +++ b/src/Readarr.Http/Extensions/RequestExtensions.cs @@ -1,5 +1,8 @@ using System; +using System.Linq; +using System.Net; using Nancy; +using NzbDrone.Common.Extensions; namespace Readarr.Http.Extensions { @@ -90,5 +93,48 @@ namespace Readarr.Http.Extensions return defaultValue; } + + public static string GetRemoteIP(this NancyContext context) + { + if (context == null || context.Request == null) + { + return "Unknown"; + } + + var remoteAddress = context.Request.UserHostAddress; + IPAddress remoteIP; + + // Only check if forwarded by a local network reverse proxy + if (IPAddress.TryParse(remoteAddress, out remoteIP) && remoteIP.IsLocalAddress()) + { + var realIPHeader = context.Request.Headers["X-Real-IP"]; + if (realIPHeader.Any()) + { + return realIPHeader.First().ToString(); + } + + var forwardedForHeader = context.Request.Headers["X-Forwarded-For"]; + if (forwardedForHeader.Any()) + { + // Get the first address that was forwarded by a local IP to prevent remote clients faking another proxy + foreach (var forwardedForAddress in forwardedForHeader.SelectMany(v => v.Split(',')).Select(v => v.Trim()).Reverse()) + { + if (!IPAddress.TryParse(forwardedForAddress, out remoteIP)) + { + return remoteAddress; + } + + if (!remoteIP.IsLocalAddress()) + { + return forwardedForAddress; + } + + remoteAddress = forwardedForAddress; + } + } + } + + return remoteAddress; + } } }