Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add IP address and User-Agent to session if missing

Browse source
This commit is contained in:
Théophile Diot 2024-12-23 13:51:44 +01:00
parent 49084d6561
commit 0924671330
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/ui/main.py
View file

@ -352,6 +352,11 @@ def before_request():
if current_user.is_authenticated:
passed = True
if "ip" not in session:
session["ip"] = request.remote_addr
if "user_agent" not in session:
session["user_agent"] = request.headers.get("User-Agent")
# Case not login page, keep on 2FA before any other access
if not session.get("totp_validated", False) and bool(current_user.totp_secret) and "/totp" not in request.path:
if not request.path.endswith("/login"):