Behind a reverse proxy like Traefik, RemoteAddr always contains the proxy's IP. Add realIP() helper that checks X-Real-IP first, then the first entry of X-Forwarded-For, falling back to RemoteAddr. Update both LoginRateLimit and Logging middleware to use realIP(). Add comprehensive tests for the new function. Fixes #12 |
||
|---|---|---|
| .. | ||
| config | ||
| database | ||
| docker | ||
| globals | ||
| handlers | ||
| healthcheck | ||
| logger | ||
| middleware | ||
| models | ||
| server | ||
| service | ||
| ssh | ||