From 68fd3229554320baece43528150f2d454b844761 Mon Sep 17 00:00:00 2001
From: Akhil Narang <me@akhilnarang.dev>
Date: Fri, 31 May 2024 13:06:00 +0530
Subject: [PATCH] fix: bypass IP restriction for the methods required for our
 socketio backend

Those requests are made from a separate backend, not by the user.

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
---
 frappe/auth.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/frappe/auth.py b/frappe/auth.py
index ee4a5df975..4030684cf9 100644
--- a/frappe/auth.py
+++ b/frappe/auth.py
@@ -421,7 +421,18 @@ def clear_cookies():
 
 
 def validate_ip_address(user):
-	"""check if IP Address is valid"""
+	"""
+	Method to check if the user has IP restrictions enabled, and if so is the IP address they are
+	connecting from allowlisted.
+
+	Certain methods called from our socketio backend need direct access, and so the IP is not
+	checked for those
+	"""
+	if hasattr(frappe.local, "request") and frappe.local.request.path.startswith(
+		"/api/method/frappe.realtime."
+	):
+		return True
+
 	from frappe.core.doctype.user.user import get_restricted_ip_list
 
 	# Only fetch required fields - for perf