add an env var to handle getting IP from behind a proxy and fixing rate limiting

MoralCode · MoralCode · commit 3363d5af26de · 2023-02-17T17:20:53.000-05:00
diff --git a/README.md b/README.md
@@ -18,7 +18,7 @@ This is the backend that provides access to the ClassClock database.
 | AUTH0_CLIENT_ID   | no default   |  Your Auth0 Client ID  |
 | AUTH0_CLIENT_SECRET   | no default   |  Your Auth0 Client Secret   |
 | SENTRY_DSN   | no default   |  The dsn URL from the sentry.io setup in case you wish to set up error monitoring   |
-
+| TRUSTED_PROXY_COUNT | no default | The number of proxies that are in between users and the app itself. Setting this too high can create security problems. Setting too low can cause rate limiting to not work |
 
 
 ## First time Setup
diff --git a/api.py b/api.py
@@ -9,6 +9,8 @@
 from common.schemas import *
 from auth import db_connection_string
 from flask_migrate import Migrate
+from werkzeug.middleware.proxy_fix import ProxyFix
+
 from os import environ as env
 
 if env.get("SENTRY_DSN"):
@@ -23,6 +25,11 @@
 
 def create_app(config_filename=None):
     app = Flask(__name__)
+    if env.get("TRUSTED_PROXY_COUNT"):
+        # for example if the request goes through one proxy
+        # before hitting your application server
+        app.wsgi_app = ProxyFix(app.wsgi_app, x_for=env.get("TRUSTED_PROXY_COUNT"))
+
     if config_filename:
         app.config.from_pyfile(config_filename)
 
