Removed "req.info.remoteAddress" in order to avoid troubles on shared IP scenarios

2024-11-06 09:55:18 +00:00 · 2018-01-26 11:41:45 +01:00 · 2018-01-26 11:41:45 +01:00 · 6486707818
commit 6486707818
parent 8674573343
2 changed files with 2 additions and 3 deletions
--- a/server/api/wazuh-api.js
+++ b/server/api/wazuh-api.js
@ -449,8 +449,7 @@ module.exports = (server, options) => {
            const code = (new Date()-1) + 'wazuhapp';
            sessions[code] = {
                created: new Date(),
-                exp    : 86400,
-                origin : req.info.remoteAddress
+                exp    : 86400
            }
            return reply({
                statusCode: 200,
--- a/server/initialize.js
+++ b/server/initialize.js
@ -40,7 +40,7 @@ module.exports = (server, options) => {
        const session = (req.headers && req.headers.code) ? sessions[req.headers.code] : null;
        if(!session) return false;
        const timeElapsed = (new Date() - session.created) / 1000;
-        if((timeElapsed >= session.exp) || (req.info.remoteAddress !== session.origin)){
+        if(timeElapsed >= session.exp){
            delete sessions[req.payload.code];
            return false;
        }