From ab8cb77f81fa85e1a0c221c9d198b294f82f7e6e Mon Sep 17 00:00:00 2001
From: Bryan Ashby <bryan@l33t.codes>
Date: Thu, 1 Jun 2017 18:48:14 -0600
Subject: [PATCH] * secureProxy -> proxied in webSocket config * Add support
 for X-Forwarded-For and X-Real-IP in WebSocket for remoteAddr

---
 core/servers/login/websocket.js | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/core/servers/login/websocket.js b/core/servers/login/websocket.js
index 41a3e838..1a9a1ed1 100644
--- a/core/servers/login/websocket.js
+++ b/core/servers/login/websocket.js
@@ -25,7 +25,7 @@ const ModuleInfo = exports.moduleInfo = {
 function WebSocketClient(ws, req, serverType) {
 
 	Object.defineProperty(this, 'isSecure', {
-		get : () => ('secure' === serverType || true === this.secureProxyConnection) ? true : false,
+		get : () => ('secure' === serverType || true === this.proxied) ? true : false,
 	});
 
 	//
@@ -47,7 +47,8 @@ function WebSocketClient(ws, req, serverType) {
 		}
 
 		get remoteAddress() {
-			return req.connection.remoteAddress;
+			//	Support X-Forwarded-For and X-Real-IP headers for proxied connections
+			return (this.proxied && (req.headers['x-forwarded-for'] || req.headers['x-real-ip'])) || req.connection.remoteAddress;
 		}
 	}(ws);
 
@@ -75,11 +76,11 @@ function WebSocketClient(ws, req, serverType) {
 	//	If the config allows it, look for 'x-forwarded-proto' as "https"
 	//	to override |isSecure|
 	//
-	if(true === _.get(Config, 'loginServers.webSocket.secureProxy') &&
+	if(true === _.get(Config, 'loginServers.webSocket.proxied') &&
 		'https' === req.headers['x-forwarded-proto'])
 	{
-		Log.debug(`Assuming secure connection due to X-Forwarded-Proto of ${req.headers['x-forwarded-proto']}`);
-		this.secureProxyConnection = true;
+		Log.debug(`Assuming secure connection due to X-Forwarded-Proto of "${req.headers['x-forwarded-proto']}"`);
+		this.proxied = true;
 	}
 
 	//	start handshake process