Tracking the user's IP

Lesson#1 of 3 in topic Theory

FastAPI

# pip install fastapi uvicorn
from fastapi import FastAPI, Request
from fastapi.responses import JSONResponse
from starlette.middleware.base import BaseHTTPMiddleware
import logging

app = FastAPI()
logger = logging.getLogger("uvicorn.access")


def get_client_ip(request: Request) -> str:
    """Return real client IP, respecting proxy headers."""
    forwarded_for = request.headers.get("X-Forwarded-For")
    if forwarded_for:
        # May be comma-separated; first entry is the client
        return forwarded_for.split(",")[0].strip()
    return request.client.host  # direct connection fallback


# --- Route-level usage ---
@app.get("/ip")
async def show_ip(request: Request):
    ip = get_client_ip(request)
    return JSONResponse({"client_ip": ip})


# --- Middleware — log every request automatically ---
class IPLoggingMiddleware(BaseHTTPMiddleware):
    async def dispatch(self, request: Request, call_next):
        ip = get_client_ip(request)
        logger.info(f"{request.method} {request.url.path} — client IP: {ip}")
        response = await call_next(request)
        return response

app.add_middleware(IPLoggingMiddleware)


PHP

// ip.php — works with any plain PHP setup

function getClientIP(): string {
    // Headers set by proxies / CDNs — check in priority order
    $headers = [
        'HTTP_CF_CONNECTING_IP',   // Cloudflare
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_REAL_IP',
        'HTTP_CLIENT_IP',
        'REMOTE_ADDR',             // direct connection fallback
    ];

    foreach ($headers as $key) {
        if (!empty($_SERVER[$key])) {
            // X-Forwarded-For may contain a list; take the first
            $ip = trim(explode(',', $_SERVER[$key])[0]);
            if (filter_var($ip, FILTER_VALIDATE_IP)) {
                return $ip;
            }
        }
    }

    return 'unknown';
}

$ip = getClientIP();
error_log("Request from IP: $ip");
echo "Your IP address is: " . htmlspecialchars($ip);

Django

# views.py
from django.http import HttpResponse

def get_client_ip(request):
    """Return the real client IP, respecting proxy headers."""
    x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
    if x_forwarded_for:
        return x_forwarded_for.split(",")[0].strip()
    return request.META.get("REMOTE_ADDR")

def my_view(request):
    ip = get_client_ip(request)
    print(f"Visitor IP: {ip}")
    return HttpResponse(f"Your IP: {ip}")


# middleware.py  — log every request automatically
import logging
logger = logging.getLogger(__name__)

class IPLoggingMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        x_fwd = request.META.get("HTTP_X_FORWARDED_FOR")
        ip = x_fwd.split(",")[0].strip() if x_fwd else \
             request.META.get("REMOTE_ADDR")
        logger.info("Request from %s → %s", ip, request.path)
        return self.get_response(request)

Laravel

// routes/web.php — basic usage in a route closure
Route::get('/ip', function (Request $request) {
    $ip = $request->ip();         // uses REMOTE_ADDR by default
    return response("Your IP: {$ip}");
});


// app/Http/Middleware/LogClientIP.php
// Register in app/Http/Kernel.php → $middleware array
namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;

class LogClientIP {

    public function handle(Request $request, Closure $next) {
        // $request->ip() honours TrustProxies settings
        Log::info('Request IP', [
            'ip'   => $request->ip(),
            'path' => $request->path(),
        ]);
        return $next($request);
    }
}