sec: add random scret forward token for set ip if app under proxy

Endpoint/Configuration/General/GeneralConfig.cs

@@ -18,6 +18,7 @@ public class GeneralConfig
     public ScheduleSettings? ScheduleSettings { get; set; }
     public EmailSettings? EmailSettings { get; set; }
     public LogSettings? LogSettings { get; set; }
+    public string? SecretForwardToken { get; set; }
 
     public void SaveSetting()
     {

Endpoint/Program.cs

@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
@@ -12,6 +13,7 @@ using Mirea.Api.Endpoint.Configuration.AppConfig;
 using Mirea.Api.Endpoint.Configuration.General;
 using Mirea.Api.Endpoint.Configuration.General.Validators;
 using Mirea.Api.Endpoint.Middleware;
+using Mirea.Api.Security.Services;
 using System;
 using System.IO;
 
@@ -64,6 +66,20 @@ public class Program
             });
         });
 
+        builder.Services.Configure<ForwardedHeadersOptions>(options =>
+        {
+            var secretForward = builder.Configuration.Get<GeneralConfig>();
+
+            if (string.IsNullOrEmpty(secretForward!.SecretForwardToken))
+            {
+                secretForward.SecretForwardToken = GeneratorKey.GenerateBase64(18);
+                secretForward.SaveSetting();
+            }
+
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+            options.ForwardedForHeaderName = secretForward.SecretForwardToken + "-X-Forwarded-For";
+        });
+
         builder.Services.AddCustomApiVersioning();
         builder.Services.AddCustomSwagger();
 
@@ -75,6 +91,7 @@ public class Program
         app.UseStaticFiles();
         app.UseCors("AllowAll");
         app.UseCustomSerilog();
+        app.UseForwardedHeaders();
 
         using (var scope = app.Services.CreateScope())
         {