From cdddffc977bf01e05dda9871f8bca8886d98d774 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Wed, 29 Nov 2017 08:42:29 -0500 Subject: [PATCH] GetRequestInfo on ban --- .../Utilities/CustomIpRateLimitMiddleware.cs | 29 ++++++++----------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/src/Core/Utilities/CustomIpRateLimitMiddleware.cs b/src/Core/Utilities/CustomIpRateLimitMiddleware.cs index 2ab987d99d..115823d101 100644 --- a/src/Core/Utilities/CustomIpRateLimitMiddleware.cs +++ b/src/Core/Utilities/CustomIpRateLimitMiddleware.cs @@ -60,7 +60,7 @@ namespace Bit.Core.Utilities if(blockedCount > 10) { _blockIpService.BlockIpAsync(identity.ClientIp, false); - _logger.LogInformation($"Blocked {identity.ClientIp} with token {GetToken(httpContext.Request)}"); + _logger.LogInformation($"Blocked {identity.ClientIp}. Request Info: {GetRequestInfo(httpContext)}"); } else { @@ -69,30 +69,25 @@ namespace Bit.Core.Utilities } } - private string GetToken(HttpRequest request) + private string GetRequestInfo(HttpContext httpContext) { - if(request == null) + if(httpContext == null || httpContext.Request == null) { return null; } - var authorization = request.Headers["Authorization"].FirstOrDefault(); - if(string.IsNullOrWhiteSpace(authorization)) + var s = string.Empty; + foreach(var header in httpContext.Request.Headers) { - // Bearer token could exist in the 'Content-Language' header on clients that want to avoid pre-flights. - var languageAuth = request.Headers["Content-Language"].FirstOrDefault(); - if(string.IsNullOrWhiteSpace(languageAuth) || - !languageAuth.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) - { - return request.Query["access_token"].FirstOrDefault(); - } - else - { - authorization = languageAuth.Split(',')[0]; - } + s += $"H_{header.Key}: {header.Value} | "; } - return authorization; + foreach(var query in httpContext.Request.Query) + { + s += $"Q_{query.Key}: {query.Value} | "; + } + + return s; } } }