mirrors
/
navidrome
mirror of https://github.com/navidrome/navidrome.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Allow reverse proxy auth for unix socket (#2701)

This commit is contained in:
Kendall Garner 2023-12-12 11:06:27 +00:00 committed by Deluan
parent 1132abb013
commit 6ebb03210a
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
server/auth.go
View File

@ -193,7 +193,7 @@ func UsernameFromToken(r *http.Request) string {
}
func UsernameFromReverseProxyHeader(r *http.Request) string {
if conf.Server.ReverseProxyWhitelist == "" {
if conf.Server.ReverseProxyWhitelist == "" && !strings.HasPrefix(conf.Server.Address, "unix:") {
return ""
}
if !validateIPAgainstList(r.RemoteAddr, conf.Server.ReverseProxyWhitelist) {
@ -316,6 +316,12 @@ func handleLoginFromHeaders(ds model.DataStore, r *http.Request) map[string]inte
}
func validateIPAgainstList(ip string, comaSeparatedList string) bool {
// Per https://github.com/golang/go/issues/49825, the remote address
// on a unix socket is '@'
if ip == "@" && strings.HasPrefix(conf.Server.Address, "unix:") {
return true
}
if comaSeparatedList == "" || ip == "" {
return false
}