From 071146863b3e44db19bbcdf7c7cf29f0f9ee0f6e Mon Sep 17 00:00:00 2001 From: "Xaver Y.R. Chen" Date: Wed, 23 Dec 2015 18:04:03 +0800 Subject: [PATCH 1/4] Get remote address from "HTTP_X_FORWARDED_FOR" or "REMOTE_ADDR". --- rest_framework_tracking/mixins.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/rest_framework_tracking/mixins.py b/rest_framework_tracking/mixins.py index 50e77a3..4e824e0 100644 --- a/rest_framework_tracking/mixins.py +++ b/rest_framework_tracking/mixins.py @@ -21,12 +21,20 @@ def initialize_request(self, request, *args, **kwargs): except AttributeError: # if already a dict, can't dictify data_dict = request.data + # get IP + ip = request.META.get("HTTP_X_FORWARDED_FOR", None) + if ip: + # X_FORWARDED_FOR returns client1, proxy1, proxy2,... + ip = ip.split(", ")[0] + else: + ip = request.META.get("REMOTE_ADDR", "") + # save to log request.log = APIRequestLog.objects.create( user=user, requested_at=now(), path=request.path, - remote_addr=request.META['REMOTE_ADDR'], + remote_addr=ip, host=request.get_host(), method=request.method, query_params=request.query_params.dict(), From a618b0f98da506b53751cd83cc9b402e9c59ca2c Mon Sep 17 00:00:00 2001 From: "Xaver Y.R. Chen" Date: Wed, 23 Dec 2015 18:11:32 +0800 Subject: [PATCH 2/4] Fix indent --- rest_framework_tracking/mixins.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rest_framework_tracking/mixins.py b/rest_framework_tracking/mixins.py index 4e824e0..993373e 100644 --- a/rest_framework_tracking/mixins.py +++ b/rest_framework_tracking/mixins.py @@ -21,8 +21,8 @@ def initialize_request(self, request, *args, **kwargs): except AttributeError: # if already a dict, can't dictify data_dict = request.data - # get IP - ip = request.META.get("HTTP_X_FORWARDED_FOR", None) + # get IP + ip = request.META.get("HTTP_X_FORWARDED_FOR", None) if ip: # X_FORWARDED_FOR returns client1, proxy1, proxy2,... ip = ip.split(", ")[0] From 6757a9007d3d0dd8bc51abe8236a25516de2652f Mon Sep 17 00:00:00 2001 From: anna Date: Mon, 4 Jan 2016 14:57:16 -0500 Subject: [PATCH 3/4] test X_FORWARDED_FOR ip addr --- tests/test_mixins.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tests/test_mixins.py b/tests/test_mixins.py index 6c8c2fd..682e9e1 100644 --- a/tests/test_mixins.py +++ b/tests/test_mixins.py @@ -27,7 +27,7 @@ def test_log_path(self): log = APIRequestLog.objects.first() self.assertEqual(log.path, '/logging') - def test_log_ip(self): + def test_log_ip_remote(self): request = APIRequestFactory().get('/logging') request.META['REMOTE_ADDR'] = '127.0.0.9' @@ -35,6 +35,14 @@ def test_log_ip(self): log = APIRequestLog.objects.first() self.assertEqual(log.remote_addr, '127.0.0.9') + def test_log_ip_xforwarded(self): + request = APIRequestFactory().get('/logging') + request.META['HTTP_X_FORWARDED_FOR'] = '127.0.0.8' + + MockLoggingView.as_view()(request).render() + log = APIRequestLog.objects.first() + self.assertEqual(log.remote_addr, '127.0.0.8') + def test_log_host(self): self.client.get('/logging') log = APIRequestLog.objects.first() From cadc10778a4fed193a443ed347536a10b3ee3d06 Mon Sep 17 00:00:00 2001 From: anna Date: Mon, 4 Jan 2016 15:01:51 -0500 Subject: [PATCH 4/4] update docs --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d5d102b..0ac0f02 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ drf-tracking provides a Django model and DRF view mixin that work together to lo `requested_at` | Date-time that the request was made | DateTimeField `response_ms` | Number of milliseconds spent in view code | PositiveIntegerField `path` | Target URI of the request, e.g., `"/api/"` | CharField -`remote_addr` | IP address where the request originated, e.g., `"127.0.0.1"` | GenericIPAddressField +`remote_addr` | IP address where the request originated (X_FORWARDED_FOR if available, REMOTE_ADDR if not), e.g., `"127.0.0.1"` | GenericIPAddressField `host` | Originating host of the request, e.g., `"example.com"` | URLField `method` | HTTP method, e.g., `"GET"` | CharField `query_params` | Dictionary of request query parameters, as text | TextField