fluxerapp/fluxer
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

refactor progress

Browse Source
This commit is contained in:
Hampus Kraft
2026-02-17 12:22:36 +00:00
parent cb31608523
commit d5abd1a7e4
8257 changed files with 1190207 additions and 761040 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
packages/api/src/middleware/RequireXForwardedForMiddleware.tsx Normal file
View File

@@ -0,0 +1,61 @@
/*
* Copyright (C) 2026 Fluxer Contributors
*
* This file is part of Fluxer.
*
* Fluxer is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Fluxer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
*/
import {Config} from '@fluxer/api/src/Config';
import {Logger} from '@fluxer/api/src/Logger';
import type {HonoEnv} from '@fluxer/api/src/types/HonoEnv';
import {stripApiPrefix} from '@fluxer/api/src/utils/RequestPathUtils';
import {createMiddleware} from 'hono/factory';
import {HTTPException} from 'hono/http-exception';
interface RequireXForwardedForOptions {
exemptPaths?: Array<string>;
}
const defaultExemptPaths: Array<string> = [
'/_health',
'/_rpc',
'/webhooks/livekit',
'/test',
'/connections/bluesky/client-metadata.json',
'/connections/bluesky/jwks.json',
];
export function RequireXForwardedForMiddleware({exemptPaths = defaultExemptPaths}: RequireXForwardedForOptions = {}) {
return createMiddleware<HonoEnv>(async (ctx, next) => {
if (Config.dev.testModeEnabled) {
await next();
return;
}
const path = stripApiPrefix(ctx.req.path);
if (exemptPaths.some((prefix) => path === prefix || path.startsWith(prefix))) {
await next();
return;
}
const headerValue = ctx.req.header('x-forwarded-for');
if (!headerValue || headerValue.trim() === '') {
Logger.warn({path}, 'Rejected request without X-Forwarded-For header');
throw new HTTPException(403, {message: 'Forbidden'});
}
await next();
});
}