From e1de593dcd30b7b04da3b003455134992b702595 Mon Sep 17 00:00:00 2001 From: "Alessandro (Ale) Segala" <43508+ItalyPaleAle@users.noreply.github.com> Date: Wed, 9 Jul 2025 06:45:07 -0700 Subject: [PATCH] fix: login failures on Postgres when IP is null (#737) --- backend/internal/middleware/rate_limit.go | 2 +- backend/internal/service/audit_log_service.go | 13 +++++++++---- backend/internal/service/user_service.go | 4 +--- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/backend/internal/middleware/rate_limit.go b/backend/internal/middleware/rate_limit.go index 2d9386d1..910b5865 100644 --- a/backend/internal/middleware/rate_limit.go +++ b/backend/internal/middleware/rate_limit.go @@ -29,7 +29,7 @@ func (m *RateLimitMiddleware) Add(limit rate.Limit, burst int) gin.HandlerFunc { // Skip rate limiting for localhost and test environment // If the client ip is localhost the request comes from the frontend - if ip == "127.0.0.1" || ip == "::1" || common.EnvConfig.AppEnv == "test" { + if ip == "" || ip == "127.0.0.1" || ip == "::1" || common.EnvConfig.AppEnv == "test" { c.Next() return } diff --git a/backend/internal/service/audit_log_service.go b/backend/internal/service/audit_log_service.go index 39ca7ebf..90629d95 100644 --- a/backend/internal/service/audit_log_service.go +++ b/backend/internal/service/audit_log_service.go @@ -70,12 +70,17 @@ func (s *AuditLogService) CreateNewSignInWithEmail(ctx context.Context, ipAddres // Count the number of times the user has logged in from the same device var count int64 - err := tx. + stmt := tx. WithContext(ctx). Model(&model.AuditLog{}). - Where("user_id = ? AND ip_address = ? AND user_agent = ?", userID, ipAddress, userAgent). - Count(&count). - Error + Where("user_id = ? AND user_agent = ?", userID, ipAddress) + if ipAddress == "" { + // An empty IP address is stored as NULL in the database + stmt = stmt.Where("ip_address IS NULL") + } else { + stmt = stmt.Where("ip_address = ?", ipAddress) + } + err := stmt.Count(&count).Error if err != nil { log.Printf("Failed to count audit logs: %v", err) return createdAuditLog diff --git a/backend/internal/service/user_service.go b/backend/internal/service/user_service.go index cbdf0a53..cf8beab6 100644 --- a/backend/internal/service/user_service.go +++ b/backend/internal/service/user_service.go @@ -469,9 +469,7 @@ func (s *UserService) ExchangeOneTimeAccessToken(ctx context.Context, token stri return model.User{}, "", err } - if ipAddress != "" && userAgent != "" { - s.auditLogService.Create(ctx, model.AuditLogEventOneTimeAccessTokenSignIn, ipAddress, userAgent, oneTimeAccessToken.User.ID, model.AuditLogData{}, tx) - } + s.auditLogService.Create(ctx, model.AuditLogEventOneTimeAccessTokenSignIn, ipAddress, userAgent, oneTimeAccessToken.User.ID, model.AuditLogData{}, tx) err = tx.Commit().Error if err != nil {