[Bugfix] user login ip

29061aa0 · ibuler · dad21cad · 29061aa0 · 29061aa0 · 29061aa0
Commit 29061aa0 authored Jan 16, 2018 by ibuler
Show whitespace changes
Inline Side-by-side

Showing with 15 additions and 5 deletions

api.py apps/terminal/api.py +3 -1

api.py apps/users/api.py +5 -1

utils.py apps/users/utils.py +2 -1

login.py apps/users/views/login.py +5 -2

No files found.
--- a/apps/terminal/api.py
+++ b/apps/terminal/api.py
@@ -141,7 +141,9 @@ class StatusViewSet(viewsets.ModelViewSet):
            session = serializer.save()
            return session
        else:
-            msg = "session data is not valid {}".format(serializer.errors)
+            msg = "session data is not valid {}: {}".format(
+                serializer.errors, str(serializer.data)
+            )
            logger.error(msg)
            return None


--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -128,7 +128,11 @@ class UserAuthApi(APIView):
        user_agent = request.data.get('HTTP_USER_AGENT', '')

        if not login_ip:
-            login_ip = request.META.get('HTTP_X_FORWARDED_FOR') or request.META.get("REMOTE_ADDR")
+            x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR').split()
+            if x_forwarded_for:
+                login_ip = x_forwarded_for[0]
+            else:
+                login_ip = request.META.get("REMOTE_ADDR")

        user, msg = check_user_valid(
            username=username, password=password,

--- a/apps/users/utils.py
+++ b/apps/users/utils.py
@@ -180,7 +180,8 @@ def validate_ip(ip):

 def write_login_log(username, type='', ip='', user_agent=''):
    if not (ip and validate_ip(ip)):
-        ip = '0.0.0.0'
+        city = "Unknown"
+    else:
        city = get_ip_city(ip)
    LoginLog.objects.create(
        username=username, type=type,

--- a/apps/users/views/login.py
+++ b/apps/users/views/login.py
@@ -53,8 +53,11 @@ class UserLoginView(FormView):
        if not self.request.session.test_cookie_worked():
            return HttpResponse(_("Please enable cookies and try again."))
        auth_login(self.request, form.get_user())
-        login_ip = self.request.META.get('HTTP_X_FORWARDED_FOR') or \
-                   self.request.META.get('REMOTE_ADDR', '')
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR', '').split()
+        if x_forwarded_for:
+            login_ip = x_forwarded_for[0]
+        else:
+            login_ip = self.request.META.get('REMOTE_ADDR', '')
        user_agent = self.request.META.get('HTTP_USER_AGENT', '')
        write_login_log_async.delay(
            self.request.user.username, type='W',