Friday, December 10, 2021

Stack Abuse: How To Get User's IP Address Using Flask?

Introduction

Flask is one of the most popular Python web development frameworks. It's a lightweight web framework, yet it offers a variety of built-in methods that can be used for hassle-free deployment of efficient web applications.

In this guide, we will get the IP address of the user who visits the web application created using Flask.

We'll create a simple REST API that handles the incoming requests to the / endpoint, returning the IP address of the user as the response.

Creating a Basic Web App Using Flask

Create a new Flask project for this tutorial. We'll create a basic app that returns "Hello World" with requests to the / endpoint:

from flask import Flask

# Creating the instance of the class Flask
app = Flask(__name__)

# Using the decorator to create the URL for the web application
@app.route('/')
# The function will return the information displayed on the webpage
def hello_world():
    return '<h1> Hello World</h1>'

# Run the application
if __name__ == '__main__':
    app.run(debug=True)

Now that we have our app set up, let's collect the IP addresses associated with a user's request.

How to Find the IP Address Of a User in Flask?

Whenever a client requests a page - they send an HTTP GET request, with a certain payload. Amongst other information - their distinctive IP address is included. In Flask - every route has access to the request variable, which represents the incoming request from the user.

From this request, we can extract various elements - and the IP address is denoted as the remote_addr property:

@app.route('/')
def hello_world():
    ip_addr = request.remote_addr
    return '<h1> Your IP address is:' + ip_addr

We can also get the remote address through the request context's environment. The environ dictionary of the request object holds various keys and their respective values, pertaining to the request. The REMOTE_ADDR is one of the server variables (keys) that is mapped to the IP address of the client or the server:

@app.route('/client')
def client():
    ip_addr = request.environ['REMOTE_ADDR']
    return '<h1> Your IP address is:' + ip_addr

But the above two options won't work if your user is making a request behind a proxy. In that case we have to check the headers of the request. In particular, we're looking for the HTTP_X_FORWARDED_FOR header:

@app.route('/proxy-client')
def proxy_client():
    ip_addr = request.environ['HTTP_X_FORWARDED_FOR']
    return '<h1> Your IP address is:' + ip_addr

Now, even this approach would not work if the header is not set. So a common strategy is to use the get() method so that if the header is not set, we can default to the remote address:

@app.route('/proxy-client')
def proxy_client():
    ip_addr = request.environ.get('HTTP_X_FORWARDED_FOR', request.remote_addr)
    return '<h1> Your IP address is:' + ip_addr

Note: Trying to get a value from a non-existent key returns None. The get() method of the dict class allows you to set a default value to be used if get() fails to find a key. If HTTP_X_FORWARDED_FOR is None, the request.remote_addr value is used instead.

With these in mind, we can choose from any of the following three approaches to get the IP address of a user, via their incoming request:

from flask import Flask, request

app = Flask(__name__)

@app.route('/')
def hello_world():
    ip_addr = request.remote_addr
    return '<h1> Your IP address is:' + ip_addr


@app.route('/client')
def client():
    ip_addr = request.environ['REMOTE_ADDR']
    return '<h1> Your IP address is:' + ip_addr


@app.route('/client')
def proxy_client():
    ip_addr = request.environ.get('HTTP_X_FORWARDED_FOR', request.remote_addr)
    return '<h1> Your IP address is:' + ip_addr


if __name__ == '__main__':
    app.run(debug=True)

Conclusion

In this article, we learned three different methods to get the IP address of a user. We access the remote address directly with request.remote_addr, through the REMOTE_ADDR key from request.environ, and in the cases where the user is using a proxy we should check the HTTP_X_FORWARDED_FOR key of request.environ.



from Planet Python
via read more

No comments:

Post a Comment

TestDriven.io: Working with Static and Media Files in Django

This article looks at how to work with static and media files in a Django project, locally and in production. from Planet Python via read...