Merge pull request #1809 from alphagov/revisit-proxy-header-check

Revisit proxy header check
2026-01-30 06:21:50 -05:00 · 2018-04-03 10:55:41 +01:00
parent 54fe9ba275 331500ce94
commit f06bd20900
4 changed files with 42 additions and 10 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -219,8 +219,6 @@ def init_app(app):
    def record_user_agent():
        statsd_client.incr("user-agent.{}".format(process_user_agent(request.headers.get('User-Agent', None))))

-    app.before_request(request_helper.check_proxy_header_before_request)
-
    @app.before_request
    def record_request_details():
        g.start = monotonic()
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -1,6 +1,7 @@
 from flask import request, _request_ctx_stack, current_app, g
 from notifications_python_client.authentication import decode_jwt_token, get_token_issuer
 from notifications_python_client.errors import TokenDecodeError, TokenExpiredError, TokenIssuerError
+from notifications_utils import request_helper
 from sqlalchemy.exc import DataError
 from sqlalchemy.orm.exc import NoResultFound

@@ -48,6 +49,8 @@ def requires_no_auth():


 def requires_admin_auth():
+    request_helper.check_proxy_header_before_request()
+
    auth_token = get_auth_token(request)
    client = __get_token_issuer(auth_token)

@@ -59,6 +62,8 @@ def requires_admin_auth():


 def requires_auth():
+    request_helper.check_proxy_header_before_request()
+
    auth_token = get_auth_token(request)
    client = __get_token_issuer(auth_token)