IntelSight/Hetzner-Backup
3
0
Fork 0
Code Issues Pull-Requests Actions Pakete Projekte Releases Wiki Aktivität

IP fix - Hoffe das wurde gefixt

Quellcode durchsuchen
Dieser Commit ist enthalten in:
UserIsMH
2025-06-09 23:58:23 +02:00
Ursprung c7decff64e
Commit 1bdee5dc95
1 geänderte Dateien mit 35 neuen und 18 gelöschten Zeilen
Patch-Datei herunterladen Vergleichs-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

53
v2_adminpanel/app.py
Datei anzeigen

@@ -28,6 +28,7 @@ import qrcode
from io import BytesIO from io import BytesIO
import base64 import base64
import json import json
from werkzeug.middleware.proxy_fix import ProxyFix
load_dotenv() load_dotenv()
@@ -45,6 +46,11 @@ app.config['SESSION_COOKIE_NAME'] = 'admin_session'
app.config['SESSION_REFRESH_EACH_REQUEST'] = False app.config['SESSION_REFRESH_EACH_REQUEST'] = False
Session(app) Session(app)
# ProxyFix für korrekte IP-Adressen hinter Nginx
app.wsgi_app = ProxyFix(
app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1
)
# Backup-Konfiguration # Backup-Konfiguration
BACKUP_DIR = Path("/app/backups") BACKUP_DIR = Path("/app/backups")
BACKUP_DIR.mkdir(exist_ok=True) BACKUP_DIR.mkdir(exist_ok=True)
@@ -69,6 +75,7 @@ scheduler.start()
# Logging konfigurieren # Logging konfigurieren
logging.basicConfig(level=logging.INFO) logging.basicConfig(level=logging.INFO)
# Login decorator # Login decorator
def login_required(f): def login_required(f):
@wraps(f) @wraps(f)
@@ -206,9 +213,12 @@ def log_audit(action, entity_type, entity_id=None, old_values=None, new_values=N
try: try:
username = session.get('username', 'system') username = session.get('username', 'system')
ip_address = request.remote_addr if request else None ip_address = get_client_ip() if request else None
user_agent = request.headers.get('User-Agent') if request else None user_agent = request.headers.get('User-Agent') if request else None
# Debug logging
app.logger.info(f"Audit log - IP address captured: {ip_address}, Action: {action}, User: {username}")
# Konvertiere Dictionaries zu JSONB # Konvertiere Dictionaries zu JSONB
old_json = Json(old_values) if old_values else None old_json = Json(old_values) if old_values else None
new_json = Json(new_values) if new_values else None new_json = Json(new_values) if new_values else None
@@ -464,12 +474,19 @@ scheduler.add_job(
# Rate-Limiting Funktionen # Rate-Limiting Funktionen
def get_client_ip(): def get_client_ip():
"""Ermittelt die echte IP-Adresse des Clients""" """Ermittelt die echte IP-Adresse des Clients"""
if request.environ.get('HTTP_X_FORWARDED_FOR'): # Debug logging
return request.environ['HTTP_X_FORWARDED_FOR'].split(',')[0] app.logger.info(f"Headers - X-Real-IP: {request.headers.get('X-Real-IP')}, X-Forwarded-For: {request.headers.get('X-Forwarded-For')}, Remote-Addr: {request.remote_addr}")
elif request.environ.get('HTTP_X_REAL_IP'):
return request.environ.get('HTTP_X_REAL_IP') # Try X-Real-IP first (set by nginx)
if request.headers.get('X-Real-IP'):
return request.headers.get('X-Real-IP')
# Then X-Forwarded-For
elif request.headers.get('X-Forwarded-For'):
# X-Forwarded-For can contain multiple IPs, take the first one
return request.headers.get('X-Forwarded-For').split(',')[0].strip()
# Fallback to remote_addr
else: else:
return request.environ.get('REMOTE_ADDR') return request.remote_addr
def check_ip_blocked(ip_address): def check_ip_blocked(ip_address):
"""Prüft ob eine IP-Adresse gesperrt ist""" """Prüft ob eine IP-Adresse gesperrt ist"""
@@ -1566,7 +1583,7 @@ def create_license():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (resource_id, license_id, session['username'], request.remote_addr)) """, (resource_id, license_id, session['username'], get_client_ip()))
# IPv4s zuweisen # IPv4s zuweisen
if ipv4_count > 0: if ipv4_count > 0:
@@ -1591,7 +1608,7 @@ def create_license():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (resource_id, license_id, session['username'], request.remote_addr)) """, (resource_id, license_id, session['username'], get_client_ip()))
# Telefonnummern zuweisen # Telefonnummern zuweisen
if phone_count > 0: if phone_count > 0:
@@ -1616,7 +1633,7 @@ def create_license():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (resource_id, license_id, session['username'], request.remote_addr)) """, (resource_id, license_id, session['username'], get_client_ip()))
except ValueError as e: except ValueError as e:
conn.rollback() conn.rollback()
@@ -1816,7 +1833,7 @@ def batch_licenses():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (resource_id, license_id, session['username'], request.remote_addr)) """, (resource_id, license_id, session['username'], get_client_ip()))
# IPv4s # IPv4s
if ipv4_count > 0: if ipv4_count > 0:
@@ -1841,7 +1858,7 @@ def batch_licenses():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (resource_id, license_id, session['username'], request.remote_addr)) """, (resource_id, license_id, session['username'], get_client_ip()))
# Telefonnummern # Telefonnummern
if phone_count > 0: if phone_count > 0:
@@ -1866,7 +1883,7 @@ def batch_licenses():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (resource_id, license_id, session['username'], request.remote_addr)) """, (resource_id, license_id, session['username'], get_client_ip()))
generated_licenses.append({ generated_licenses.append({
'id': license_id, 'id': license_id,
@@ -3405,7 +3422,7 @@ def add_resources():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, action, action_by, ip_address)
VALUES (%s, 'created', %s, %s) VALUES (%s, 'created', %s, %s)
""", (resource_id, session['username'], request.remote_addr)) """, (resource_id, session['username'], get_client_ip()))
else: else:
duplicates += 1 duplicates += 1
@@ -3462,7 +3479,7 @@ def quarantine_resource(resource_id):
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, action, action_by, ip_address, details) INSERT INTO resource_history (resource_id, action, action_by, ip_address, details)
VALUES (%s, 'quarantined', %s, %s, %s) VALUES (%s, 'quarantined', %s, %s, %s)
""", (resource_id, session['username'], request.remote_addr, """, (resource_id, session['username'], get_client_ip(),
Json({'reason': reason, 'until': until_date, 'notes': notes, 'old_status': old_status}))) Json({'reason': reason, 'until': until_date, 'notes': notes, 'old_status': old_status})))
conn.commit() conn.commit()
@@ -3509,7 +3526,7 @@ def release_resources():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, action, action_by, ip_address)
VALUES (%s, 'released', %s, %s) VALUES (%s, 'released', %s, %s)
""", (resource_id, session['username'], request.remote_addr)) """, (resource_id, session['username'], get_client_ip()))
conn.commit() conn.commit()
cur.close() cur.close()
@@ -3571,7 +3588,7 @@ def allocate_resources_api():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (domain_id, license_id, session['username'], request.remote_addr)) """, (domain_id, license_id, session['username'], get_client_ip()))
allocated['domains'].append(domain_value) allocated['domains'].append(domain_value)
@@ -3605,7 +3622,7 @@ def allocate_resources_api():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (ipv4_id, license_id, session['username'], request.remote_addr)) """, (ipv4_id, license_id, session['username'], get_client_ip()))
allocated['ipv4s'].append(ipv4_value) allocated['ipv4s'].append(ipv4_value)
@@ -3639,7 +3656,7 @@ def allocate_resources_api():
cur.execute(""" cur.execute("""
INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address) INSERT INTO resource_history (resource_id, license_id, action, action_by, ip_address)
VALUES (%s, %s, 'allocated', %s, %s) VALUES (%s, %s, 'allocated', %s, %s)
""", (phone_id, license_id, session['username'], request.remote_addr)) """, (phone_id, license_id, session['username'], get_client_ip()))
allocated['phones'].append(phone_value) allocated['phones'].append(phone_value)