From d0ded3e52d14cd8d6d9afa5fcd0dcbc47bbd62fe Mon Sep 17 00:00:00 2001
From: Guillaume Rousse <guillaume.rousse@renater.fr>
Date: Tue, 12 Apr 2022 18:03:35 +0200
Subject: [PATCH] configurable list of proxies to exclude of client IP address
 computation

---
 conf/manager.conf      |  1 +
 lib/AccessCheck/App.pm | 12 +++++++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/conf/manager.conf b/conf/manager.conf
index 292af27..162676f 100644
--- a/conf/manager.conf
+++ b/conf/manager.conf
@@ -3,6 +3,7 @@ support_email = support@my.fqdn
 name = eduGAIN Access Check
 url = https://access-check.my.fqdn
 login_url = https://access-check.my.fqdn/Shibboleth.sso/Login
+proxies =
 
 [setup]
 # templates theme
diff --git a/lib/AccessCheck/App.pm b/lib/AccessCheck/App.pm
index a637e0b..428e3cb 100644
--- a/lib/AccessCheck/App.pm
+++ b/lib/AccessCheck/App.pm
@@ -26,6 +26,8 @@ sub startup {
 
     $self->plugin('INIConfig', { file => $ENV{ACCESS_CHECK_CONFIG} || 'conf/manager.conf' });
 
+    my $config = $self->config();
+
     $self->plugin(
         'TemplateToolkit',
         {
@@ -39,9 +41,13 @@ sub startup {
         }
     );
 
-    $self->plugin('ClientIP');
-
-    my $config = $self->config();
+    $self->plugin(
+        'ClientIP',
+        {
+            private => [ '127.0.0.0/8' ],
+            ignore  => [ $self->string_to_list($config->{app}->{proxies}) ]
+        }
+    );
 
     $self->log(
         Mojo::Log->new(
-- 
GitLab