diff --git a/Endpoint/Configuration/General/GeneralConfig.cs b/Endpoint/Configuration/General/GeneralConfig.cs index 2f74a9a..2a6fcc2 100644 --- a/Endpoint/Configuration/General/GeneralConfig.cs +++ b/Endpoint/Configuration/General/GeneralConfig.cs @@ -18,6 +18,7 @@ public class GeneralConfig public ScheduleSettings? ScheduleSettings { get; set; } public EmailSettings? EmailSettings { get; set; } public LogSettings? LogSettings { get; set; } + public string? SecretForwardToken { get; set; } public void SaveSetting() { diff --git a/Endpoint/Program.cs b/Endpoint/Program.cs index 3066fa4..89c754c 100644 --- a/Endpoint/Program.cs +++ b/Endpoint/Program.cs @@ -1,4 +1,5 @@ using Microsoft.AspNetCore.Builder; +using Microsoft.AspNetCore.HttpOverrides; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; @@ -12,6 +13,7 @@ using Mirea.Api.Endpoint.Configuration.AppConfig; using Mirea.Api.Endpoint.Configuration.General; using Mirea.Api.Endpoint.Configuration.General.Validators; using Mirea.Api.Endpoint.Middleware; +using Mirea.Api.Security.Services; using System; using System.IO; @@ -64,6 +66,20 @@ public class Program }); }); + builder.Services.Configure(options => + { + var secretForward = builder.Configuration.Get(); + + if (string.IsNullOrEmpty(secretForward!.SecretForwardToken)) + { + secretForward.SecretForwardToken = GeneratorKey.GenerateBase64(18); + secretForward.SaveSetting(); + } + + options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto; + options.ForwardedForHeaderName = secretForward.SecretForwardToken + "-X-Forwarded-For"; + }); + builder.Services.AddCustomApiVersioning(); builder.Services.AddCustomSwagger(); @@ -75,6 +91,7 @@ public class Program app.UseStaticFiles(); app.UseCors("AllowAll"); app.UseCustomSerilog(); + app.UseForwardedHeaders(); using (var scope = app.Services.CreateScope()) {