--
You received this message because you are subscribed to the Google Groups "Enterprise Web Developer Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise-web-develope...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/enterprise-web-developer-community/4952229c-fa63-4717-88d6-1efa959cd88bn%40googlegroups.com.
Hi Nico,
The ip address in production is probably passed in somewhere else in the http headers. You can use the request-ip
npm module for that, I just wrote a piece of code yesterday to determine the client ip inside the beforeHandler.js code in qewd-up:
const ip = require("ip")
const requestIp = require('request-ip')
let privateIp = false
let clientIp = requestIp.getClientIp(req) || req.ip
if (clientIp && ip.isPrivate(clientIp)) {
privateIp = true
}
The request-ip
module looks at a lot of header parameters to determine the client ip. Cloud providers pass in different http headers for this. Using the ip
module you can determine if an ip is in a private range (not public). If request-ip does not find an ip address, it takes the ip address passed in by Express inside the request (req) parameter.
However, be aware that these modules fallback to localhost
(127.0.0.1 or ::1) if no headers are found, this can be dangerous when you only look at the ip address for security reasons! You should always use a proper authentication mechanism with a login to create a secure token.
HTH,
Ward