fix: Backward compatibility for header X-Real-IP, move Dockerfile…

… to `package` directory

.github/workflows/live.yaml

@@ -26,15 +26,15 @@ jobs:
 
             - uses: hadolint/[email protected]
               with:
-                dockerfile: build/Dockerfile
+                dockerfile: build/package/Dockerfile
 
             - uses: hadolint/[email protected]
               with:
-                dockerfile: build/Dockerfile.test
+                dockerfile: build/package/Dockerfile.test
 
             - name: Unit testing # Using staging environment
               run: |
-                  docker build -t ${{github.event.repository.name}} -f build/Dockerfile.test .
+                  docker build -t ${{github.event.repository.name}} -f build/package/Dockerfile.test .
 
                   docker run --rm --name ${{github.event.repository.owner.login}} --add-host=host.docker.internal:host-gateway -e GOOGLE_CLOUD_STORAGE_SERVICE_ACCOUNT -e GOOGLE_CLOUD_STORAGE_BUCKET -e SERVER_URI -e GOOGLE_OAUTH2_REFRESH_TOKEN_TEST -e APP_ENV -e PORT -e GOOGLE_OAUTH2_CLIENT_ID_TEST -e GOOGLE_OAUTH2_CLIENT_SECRET_TEST ${{github.event.repository.name}} go test -v --cover -ldflags '-w -s' ./...
 
@@ -75,7 +75,7 @@ jobs:
             uses: docker/build-push-action@v5
             with:
               context: .
-              file: build/Dockerfile
+              file: build/package/Dockerfile
               push: true
               tags: |
                 ${{env.IMAGE_NAME}}:${{github.sha}}

.github/workflows/preview.yaml

@@ -26,18 +26,18 @@ jobs:
 
             - uses: hadolint/[email protected]
               with:
-                dockerfile: build/Dockerfile
+                dockerfile: build/package/Dockerfile
 
             - uses: hadolint/[email protected]
               with:
-                dockerfile: build/Dockerfile.test
+                dockerfile: build/package/Dockerfile.test
 
             - name: Run Docker Compose
               run: docker compose -f deployments/compose.yaml up -d
 
             - name: Unit testing
               run: |
-                docker build -t ${{github.event.repository.name}} -f build/Dockerfile.test .
+                docker build -t ${{github.event.repository.name}} -f build/package/Dockerfile.test .
 
                 docker run --rm --name ${{github.event.repository.owner.login}} --add-host=host.docker.internal:host-gateway -e GOOGLE_CLOUD_STORAGE_SERVICE_ACCOUNT -e GOOGLE_CLOUD_STORAGE_BUCKET -e SERVER_URI -e GOOGLE_CLOUD_STORAGE_EMULATOR_ENDPOINT -e GOOGLE_OAUTH2_REFRESH_TOKEN_TEST -e PORT -e GOOGLE_OAUTH2_CLIENT_ID_TEST -e GOOGLE_OAUTH2_CLIENT_SECRET_TEST ${{github.event.repository.name}} go test -v --cover -ldflags '-w -s' ./...
 
@@ -79,7 +79,7 @@ jobs:
               uses: docker/build-push-action@v5
               with:
                 context: .
-                file: build/Dockerfile
+                file: build/package/Dockerfile
                 push: true
                 tags: |
                   ${{env.IMAGE_NAME}}:${{github.sha}}

README.md

@@ -82,7 +82,7 @@ go build -o tempsy main.go
 - Build Image
 
 ```sh
-docker build -f build/Dockerfile -t tempsy .
+docker build -f build/package/Dockerfile -t tempsy .
 ```
 
 - Test (Unit Test)

build/Dockerfile → build/package/Dockerfile

@@ -2,7 +2,7 @@ FROM golang:1.20-alpine AS builder
 LABEL authors=afif
 
 WORKDIR /src
-COPY . .
+COPY .. .
 
 ENV CGO_ENABLED=0
 

build/Dockerfile.test → build/package/Dockerfile.test

@@ -2,7 +2,7 @@ FROM golang:1.20-alpine
 
 WORKDIR /src
 
-COPY . .
+COPY .. .
 
 ENV CGO_ENABLED=0
 

cmd/files/middleware/limiter.go

@@ -33,6 +33,11 @@ var RateLimiterGuestToken = limiter.New(limiter.Config{
 		if ctx.Get(auth.HeaderRealIp) != "" {
 			return ctx.Get(auth.HeaderRealIp)
 		}
+
+		if ctx.Get(auth.HeaderXRealIp) != "" {
+			return ctx.Get(auth.HeaderXRealIp)
+		}
+
 		return ctx.IP()
 	},
 	LimitReached: func(ctx *fiber.Ctx) error {

cmd/files/middleware/limiter_test.go

@@ -56,7 +56,6 @@ func TestLimitAuthTokenProcess(test *testing.T) {
 
 func TestLimitGuestToken(test *testing.T) {
 	app := fiber.New()
-
 	app.Get("/guest", RateLimiterGuestToken, func(ctx *fiber.Ctx) error {
 		return nil
 	})
@@ -81,22 +80,44 @@ func TestLimitGuestToken(test *testing.T) {
 	})
 
 	test.Run("TestOnProxy", func(test *testing.T) {
-		req := httptest.NewRequest(fiber.MethodGet, "/guest", nil)
-		req.Header.Set(auth.HeaderRealIp, "8.8.8.8")
-
-		for i := 0; i <= MaxReqGuestTokenPerSeconds; i++ {
-			res, err := app.Test(req, 1500*10) // 15 seconds
-			require.NoError(test, err)
+		testsTable := []struct {
+			Name   string
+			Header string
+			Value  string
+		}{
+			{
+				Name:   "TestOnXRealIp",
+				Header: auth.HeaderXRealIp,
+				Value:  "1.1.1.1",
+			},
+			{
+				Name:   "TestOnRealIp",
+				Header: auth.HeaderRealIp,
+				Value:  "76.76.2.0",
+			},
+		}
 
-			test.Cleanup(func() {
-				internal.LogErr(res.Body.Close())
+		for _, table := range testsTable {
+			test.Run(table.Name, func(test *testing.T) {
+				req := httptest.NewRequest(fiber.MethodGet, "/guest", nil)
+				req.Header.Set(table.Header, table.Value)
+
+				for i := 0; i <= MaxReqGuestTokenPerSeconds; i++ {
+					res, err := app.Test(req, 1500*10) // 15 seconds
+					require.NoError(test, err)
+
+					test.Cleanup(func() {
+						internal.LogErr(res.Body.Close())
+					})
+
+					if i < MaxReqGuestTokenPerSeconds {
+						assert.Equal(test, fiber.StatusOK, res.StatusCode)
+					} else {
+						assert.Equal(test, fiber.StatusTooManyRequests, res.StatusCode)
+					}
+				}
 			})
-
-			if i < MaxReqGuestTokenPerSeconds {
-				assert.Equal(test, fiber.StatusOK, res.StatusCode)
-			} else {
-				assert.Equal(test, fiber.StatusTooManyRequests, res.StatusCode)
-			}
 		}
+
 	})
 }

internal/auth/utils.go

@@ -7,6 +7,7 @@ import (
 var AllowedHttpMethod = []string{fiber.MethodGet, fiber.MethodDelete, fiber.MethodOptions, fiber.MethodPut, fiber.MethodPost}
 
 const (
-	BearerPrefix = "Bearer "
-	HeaderRealIp = "Real-IP"
+	BearerPrefix  = "Bearer "
+	HeaderRealIp  = "Real-IP"
+	HeaderXRealIp = "X-Real-IP" // Backward compatibility purpose
 )