handle x-forwarded-for in IP logs

admin/accounthttp.go

@@ -115,7 +115,7 @@ func changePasswordHandler(app *model.AppState) http.Handler {
             return
         }
 
-        app.Log.Info(log.TYPE_ACCOUNT, "\"%s\" changed password by user request. (%s)", session.Account.Username, controller.ResolveIP(r))
+        app.Log.Info(log.TYPE_ACCOUNT, "\"%s\" changed password by user request. (%s)", session.Account.Username, controller.ResolveIP(app, r))
 
         controller.SetSessionError(app.DB, session, "")
         controller.SetSessionMessage(app.DB, session, "Password updated successfully.")
@@ -145,7 +145,7 @@ func deleteAccountHandler(app *model.AppState) http.Handler {
 
         // check password
         if err := bcrypt.CompareHashAndPassword([]byte(session.Account.Password), []byte(r.Form.Get("password"))); err != nil {
-            app.Log.Warn(log.TYPE_ACCOUNT, "Account \"%s\" attempted account deletion with incorrect password. (%s)", session.Account.Username, controller.ResolveIP(r))
+            app.Log.Warn(log.TYPE_ACCOUNT, "Account \"%s\" attempted account deletion with incorrect password. (%s)", session.Account.Username, controller.ResolveIP(app, r))
             controller.SetSessionError(app.DB, session, "Incorrect password.")
             http.Redirect(w, r, "/admin/account", http.StatusFound)
             return
@@ -159,7 +159,7 @@ func deleteAccountHandler(app *model.AppState) http.Handler {
             return
         }
 
-        app.Log.Info(log.TYPE_ACCOUNT, "Account \"%s\" deleted by user request. (%s)", session.Account.Username, controller.ResolveIP(r))
+        app.Log.Info(log.TYPE_ACCOUNT, "Account \"%s\" deleted by user request. (%s)", session.Account.Username, controller.ResolveIP(app, r))
 
         controller.SetSessionAccount(app.DB, session, nil)
         controller.SetSessionError(app.DB, session, "")