Use the remote ip for the captcha check

The remote ip should be used in the Captcha check instead of the ip Changelog: added MR: EE: true

Use the remote ip for the captcha check
The remote ip should be used in the Captcha check instead of the ip Changelog: added MR: EE: true
cab8b882 · Marcos Rocha · Alper Akgun · df6a15b8 · cab8b882
Commit cab8b882 authored Mar 31, 2022 by Marcos Rocha Committed by Alper Akgun Mar 31, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

ee/lib/api/captcha_check.rb ee/lib/api/captcha_check.rb +2 -2

No files found.
--- a/ee/lib/api/captcha_check.rb
+++ b/ee/lib/api/captcha_check.rb
@@ -17,7 +17,7 @@ module API
        not_found! 'User' unless Feature.enabled?(:arkose_labs_login_challenge, default_enabled: :yaml)

        rate_limit_reached = false
-        check_rate_limit!(:search_rate_limit_unauthenticated, scope: [request.ip]) do
+        check_rate_limit!(:search_rate_limit_unauthenticated, scope: [ip_address]) do
          rate_limit_reached = true
        end

@@ -26,7 +26,7 @@ module API
        else
          user = ::User.by_login(params[:username])
          not_found! 'User' unless user
-          present(::Users::CaptchaChallengeService.new(user, request.ip).execute, with: Entities::CaptchaCheck)
+          present(::Users::CaptchaChallengeService.new(user, ip_address).execute, with: Entities::CaptchaCheck)
        end
      end
    end