From b606a2191237e9981331f2fc5d3699ee8fbd43e7 Mon Sep 17 00:00:00 2001
From: catfromplan9 <104175360+catfromplan9@users.noreply.github.com>
Date: Tue, 13 May 2025 22:26:32 +0000
Subject: [PATCH] handler: Add ignore_fingerprinting to config (#33)

---
 example/config.jsonc  | 4 ++++
 src/config/Config.hpp | 1 +
 src/core/Handler.cpp  | 2 +-
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/example/config.jsonc b/example/config.jsonc
index 97218c8..9994b6d 100644
--- a/example/config.jsonc
+++ b/example/config.jsonc
@@ -71,6 +71,10 @@
     // If enabled, specific requests that look like git HTTP(s) clones will be let through.
     "git_host": false,
 
+    // If enabled, fingerprinting is ignored and any IP will be able to use
+    // the cached token as long as it is still valid.
+    "ignore_fingerprinting": false,
+
     // Traffic logging to a .csv file
     "logging": {
         "log_traffic": false,
diff --git a/src/config/Config.hpp b/src/config/Config.hpp
index ccb8e43..2592975 100644
--- a/src/config/Config.hpp
+++ b/src/config/Config.hpp
@@ -36,6 +36,7 @@ class CConfig {
         std::vector<SConfigRule> rules                        = {};
         int                      default_challenge_difficulty = 4;
         int                      token_valid_for              = 3600;
+        bool                     ignore_fingerprinting        = false;
         bool                     async_proxy                  = true;
         std::vector<SProxyRule>  proxy_rules;
 
diff --git a/src/core/Handler.cpp b/src/core/Handler.cpp
index ddd0774..d590509 100644
--- a/src/core/Handler.cpp
+++ b/src/core/Handler.cpp
@@ -215,7 +215,7 @@ void CServerHandler::onRequest(const Pistache::Http::Request& req, Pistache::Htt
         if (TOKEN.valid()) {
             const auto AGE = std::chrono::duration_cast<std::chrono::milliseconds>(std::chrono::system_clock::now().time_since_epoch()).count() -
                 std::chrono::duration_cast<std::chrono::milliseconds>(TOKEN.issued().time_since_epoch()).count();
-            if (AGE <= g_pConfig->m_config.token_valid_for * 1000 && TOKEN.fingerprint() == NRequestUtils::fingerprintForRequest(req)) {
+            if (AGE <= g_pConfig->m_config.token_valid_for * 1000 && (TOKEN.fingerprint() == NRequestUtils::fingerprintForRequest(req) || g_pConfig->m_config.ignore_fingerprinting)) {
                 Debug::log(LOG, " | Action: PASS (token)");
                 g_pTrafficLogger->logTraffic(req, "PASS (token)");
                 proxyPass(req, response);