sneak/upaas
1
0
Fork 0
Code Issues 21 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
ef0786c4b4
upaas/internal
History
clawbot ef0786c4b4 fix: extract real client IP from proxy headers (X-Real-IP / X-Forwarded-For) 
Behind a reverse proxy like Traefik, RemoteAddr always contains the
proxy's IP. Add realIP() helper that checks X-Real-IP first, then the
first entry of X-Forwarded-For, falling back to RemoteAddr.

Update both LoginRateLimit and Logging middleware to use realIP().
Add comprehensive tests for the new function.

Fixes #12
2026-02-15 21:14:12 -08:00
..
config Add deployment improvements and UI enhancements 2025-12-30 15:05:26 +07:00
database fix: use hashed webhook secrets for constant-time comparison 2026-02-15 14:06:53 -08:00
docker Add build log file storage and download functionality 2026-01-01 06:08:00 -08:00
globals Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
handlers Merge pull request 'Clean up Docker container when deleting an app (closes #2)' (#7) from clawbot/upaas:fix/issue-2 into main 2026-02-16 05:56:56 +01:00
healthcheck Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
logger Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
middleware fix: extract real client IP from proxy headers (X-Real-IP / X-Forwarded-For) 2026-02-15 21:14:12 -08:00
models fix: use hashed webhook secrets for constant-time comparison 2026-02-15 14:06:53 -08:00
server Add rate limiting to login endpoint to prevent brute force 2026-02-15 21:01:11 -08:00
service Merge pull request 'Set Secure flag on session cookie in production mode (closes #5)' (#10) from clawbot/upaas:fix/issue-5 into main 2026-02-16 05:58:22 +01:00
ssh Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00