In logging set ClientIp from request header X-Forwarded-For

[sarkikos]

No description provided.

[Copilot]

Pull Request Overview

This PR adds client IP address logging by extracting the IP from the X-Forwarded-For header when available, falling back to the connection's remote IP address. This is commonly needed when applications are behind reverse proxies or load balancers.

• Extracts client IP from X-Forwarded-For header with fallback to connection remote IP
• Adds ClientIp to the logging context

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The X-Forwarded-For header can contain multiple IP addresses separated by commas (client, proxy1, proxy2, etc.). Using the entire header value could log internal proxy IPs or allow header spoofing. Consider extracting only the first IP address using xForwardedFor.Split(',')[0].Trim() to get the original client IP.

Suggested change

	context.Set("ClientIp", !string.IsNullOrEmpty(xForwardedFor) ? xForwardedFor : httpContext.Connection.RemoteIpAddress?.ToString());
	var clientIp = !string.IsNullOrEmpty(xForwardedFor)
	? xForwardedFor.Split(',')[0].Trim()
	: httpContext.Connection.RemoteIpAddress?.ToString();
	context.Set("CorrelationId", correlationId);
	context.Set("ClientId", clientId);
	context.Set("ClientIp", clientIp);

[Copilot]

The X-Forwarded-For header can be easily spoofed by clients. If this application is not behind a trusted reverse proxy, consider validating that the request actually came through your expected proxy infrastructure before trusting this header, or use Connection.RemoteIpAddress as the primary source.

Suggested change

	context.Set("ClientIp", !string.IsNullOrEmpty(xForwardedFor) ? xForwardedFor : httpContext.Connection.RemoteIpAddress?.ToString());
	context.Set("ClientIp", httpContext.Connection.RemoteIpAddress?.ToString());