From caa8604ee45ef9a94441a012ab7e0bfdb9b84c61 Mon Sep 17 00:00:00 2001
From: Parker <contact@pkrm.dev>
Date: Sun, 3 Nov 2024 15:55:25 -0600
Subject: Correct IP w/ proxies

---
 .gitignore  |  4 +++-
 app/main.py | 21 ++++++++++++++++-----
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/.gitignore b/.gitignore
index f1e68dc..640f67f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,4 +3,6 @@ data.db
 __pycache__
 .DS_Store
 internal_notes.txt
-config.ini
\ No newline at end of file
+config.ini
+data
+docker-volume
\ No newline at end of file
diff --git a/app/main.py b/app/main.py
index a0f59f0..d890fa9 100644
--- a/app/main.py
+++ b/app/main.py
@@ -55,7 +55,9 @@ def login():
         if not user:
             return {"status": "Invalid username or password"}
 
-        if bcrypt.checkpw(password.encode("utf-8"), user.password.encode("utf-8")):
+        if bcrypt.checkpw(
+            password.encode("utf-8"), user.password.encode("utf-8")
+        ):
             flask_user = FlaskUser()
             flask_user.id = username
             login_user(flask_user)
@@ -82,7 +84,9 @@ def signup():
         if not any(char.isdigit() for char in password):
             return {"status": "Password must contain at least one digit"}
         if not any(char.isupper() for char in password):
-            return {"status": "Password must contain at least one uppercase letter"}
+            return {
+                "status": "Password must contain at least one uppercase letter"
+            }
 
         # Get database session
         db = SessionLocal()
@@ -95,8 +99,12 @@ def signup():
         hashed_password = bcrypt.hashpw(
             password.encode("utf-8"), bcrypt.gensalt()
         ).decode("utf-8")
-        api_key = "".join(random.choices(string.ascii_letters + string.digits, k=20))
-        new_user = User(username=username, password=hashed_password, api_key=api_key)
+        api_key = "".join(
+            random.choices(string.ascii_letters + string.digits, k=20)
+        )
+        new_user = User(
+            username=username, password=hashed_password, api_key=api_key
+        )
         db.add(new_user)
         db.commit()
         db.close()
@@ -159,7 +167,10 @@ def log_redirect(link):
         return redirect(BASE_URL)
     else:
         # Log the visit
-        ip = request.remote_addr
+        if request.headers.get("X-Forwarded-For"):
+            ip = request.headers.get("X-Forwarded-For").split(",")[0]
+        else:
+            ip = request.remote_addr
         user_agent = request.headers.get("User-Agent")
         log(link, ip, user_agent)
         db.close()
-- 
cgit v1.2.3-70-g09d2