From a4018ed3ca0ccb6bb64125f3dbf946825e672abd Mon Sep 17 00:00:00 2001 From: "Gan, Jimmy" Date: Thu, 26 Feb 2026 03:29:28 +0800 Subject: [PATCH] fix: read real client IP from X-Forwarded-For behind Caddy/Docker --- dashboard/backend/main.py | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/dashboard/backend/main.py b/dashboard/backend/main.py index 36386ba..91afddb 100644 --- a/dashboard/backend/main.py +++ b/dashboard/backend/main.py @@ -116,20 +116,20 @@ async def health(): @app.get("/api/client-ip") async def client_ip(request: Request): - ip = request.client.host - if ip.startswith("192.168.31."): - return {"ip": ip, "lan": True} - if ip.startswith("100."): - import socket - try: - s = socket.socket() - s.settimeout(1) - s.connect(("192.168.31.1", 80)) - s.close() - return {"ip": ip, "lan": True} - except Exception: - pass - return {"ip": ip, "lan": False} + ip = request.headers.get("x-forwarded-for", "").split(",")[0].strip() or request.client.host + lan = ip.startswith("192.168.31.") or (ip.startswith("100.") and _router_reachable()) + return {"ip": ip, "lan": lan} + +def _router_reachable(): + import socket + try: + s = socket.socket() + s.settimeout(1) + s.connect(("192.168.31.1", 80)) + s.close() + return True + except Exception: + return False # Public auth endpoints app.include_router(auth.router, prefix="/api/auth", tags=["auth"])