fix: configure ForwardedHeaders so playground rate limit uses real client IP
All checks were successful
NALU Deployment Pipeline / Run Tests (push) Successful in 1m27s
NALU Deployment Pipeline / PR Validation (push) Has been skipped
NALU Deployment Pipeline / Build and Push Image (push) Successful in 1m48s
NALU Deployment Pipeline / Deploy naluai.dev (push) Successful in 47s
NALU Deployment Pipeline / Cleanup Old Resources (push) Successful in 12s
Without this, RemoteIpAddress was always 127.0.0.1 (nginx), making the 10-calls/day limit shared across all users instead of per-IP. Clears KnownNetworks/KnownProxies to trust Cloudflare's X-Forwarded-For.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
parent 12591d90f9
commit 843782249e
@ -257,6 +257,16 @@ StripeConfiguration.ApiKey = builder.Configuration["Stripe:SecretKey"];
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
// ── Forwarded headers (Cloudflare → nginx → app) ─────────────────────────────
|
||||
var fwdOpts = new ForwardedHeadersOptions
|
||||
{
|
||||
ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedFor |
|
||||
Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedProto
|
||||
};
|
||||
fwdOpts.KnownNetworks.Clear(); // trust all proxies — Cloudflare IPs vary widely
|
||||
fwdOpts.KnownProxies.Clear();
|
||||
app.UseForwardedHeaders(fwdOpts);
|
||||
|
||||
// Initialize MongoDB indexes on startup
|
||||
var mongo = app.Services.GetRequiredService<MongoDbContext>();
|
||||
await mongo.InitializeAsync();
|
||||
|
||||
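Review bot: The two Clear() calls on fwdOpts.KnownNetworks and fwdOpts.KnownProxies remove the check on which peer may supply X-Forwarded-For, so the middleware will accept the header from any sender, and a request that reaches nginx or the app without passing through Cloudflare can present whatever client IP it likes to the per-IP playground limit this commit is meant to enforce. The commit message says the direct peer is nginx on 127.0.0.1, and loopback is already trusted by the default KnownNetworks/KnownProxies, so calling app.UseForwardedHeaders(fwdOpts) without the Clear() lines should be enough for the header to be honoured from nginx; I would drop them and instead make sure the origin only accepts connections from Cloudflare. Separately, ForwardLimit is left at its default of 1, so only the right-most X-Forwarded-For entry is applied. With the two hops named in the comment (Cloudflare → nginx → app) that entry is the real client only if nginx passes the header through unchanged rather than appending its own peer address, which is worth confirming and noting next to the "trust all proxies" comment.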