extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2024-11-22 16:23:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add trusted proxies as an env var

Browse Source
This commit is contained in:
Bubka 2022-04-14 11:34:40 +02:00
parent 0b0cf5603f
commit bf495f9019
5 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.env.example
View File

@ -146,6 +146,12 @@ WEBAUTHN_ICON=
WEBAUTHN_USER_VERIFICATION= WEBAUTHN_USER_VERIFICATION=
# Use this setting to declare trusted proxied.
# Supported:
# '*': to trust any proxy
# A comma separated IP list: The list of proxies IP to trust
TRUSTED_PROXIES=
# Leave the following configuration vars as is. # Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing. # Unless you like to tinker and know what you're doing.

5
Dockerfile
View File

@ -191,6 +191,11 @@ ENV \
# 'preferred' (default) : Will ask for user verification IF POSSIBLE # 'preferred' (default) : Will ask for user verification IF POSSIBLE
# 'discouraged' : Will NOT ask for user verification (for example, to minimize disruption to the user interaction flow) # 'discouraged' : Will NOT ask for user verification (for example, to minimize disruption to the user interaction flow)
WEBAUTHN_USER_VERIFICATION= \ WEBAUTHN_USER_VERIFICATION= \
# Use this setting to declare trusted proxied.
# Supported:
# '*': to trust any proxy
# A comma separated IP list: The list of proxies IP to trust
TRUSTED_PROXIES= \
# Leave the following configuration vars as is. # Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing. # Unless you like to tinker and know what you're doing.
BROADCAST_DRIVER=log \ BROADCAST_DRIVER=log \

8
app/Http/Middleware/TrustProxies.php
View File

@ -25,4 +25,12 @@ class TrustProxies extends Middleware
Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_PROTO |
Request::HEADER_X_FORWARDED_AWS_ELB; Request::HEADER_X_FORWARDED_AWS_ELB;
/**
* TrustProxies constructor.
*/
public function __construct()
{
$this->proxies = (string) config('2fauth.config.trustedProxies');
}
} }

1
config/2fauth.php
View File

@ -20,6 +20,7 @@
'config' => [ 'config' => [
'isDemoApp' => env('IS_DEMO_APP', false), 'isDemoApp' => env('IS_DEMO_APP', false),
'trustedProxies' => env('TRUSTED_PROXIES', null),
], ],
/* /*

5
docker/docker-compose.yml
View File

@ -91,6 +91,11 @@ services:
# 'preferred' (default) : Will ask for user verification IF POSSIBLE # 'preferred' (default) : Will ask for user verification IF POSSIBLE
# 'discouraged' : Will NOT ask for user verification (for example, to minimize disruption to the user interaction flow) # 'discouraged' : Will NOT ask for user verification (for example, to minimize disruption to the user interaction flow)
- WEBAUTHN_USER_VERIFICATION= - WEBAUTHN_USER_VERIFICATION=
# Use this setting to declare trusted proxied.
# Supported:
# '*': to trust any proxy
# A comma separated IP list: The list of proxies IP to trust
- TRUSTED_PROXIES=
# Leave the following configuration vars as is. # Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing. # Unless you like to tinker and know what you're doing.
- BROADCAST_DRIVER=log - BROADCAST_DRIVER=log