我不完全明白我应该如何获得一个远程用户IP地址。

假设我有一个简单的请求路由,如:

app.get(/, function (req, res){
   var forwardedIpsStr = req.header('x-forwarded-for');
   var IP = '';

   if (forwardedIpsStr) {
      IP = forwardedIps = forwardedIpsStr.split(',')[0];  
   }
});

上面的方法是否正确,以获得真实的用户IP地址或有更好的方法? 那么代理呢?


当前回答

虽然来自@alessioalex的答案是有效的,但在Express - guide的Express后台代理部分中有另一种方法。

在初始化代码中添加app.set('trust proxy', true)。 当您想要获取远程客户端的ip时,使用req。IP或req。以通常的方式进行Ips(就好像没有反向代理一样)

可选的阅读:

Use req.ip or req.ips. req.connection.remoteAddress does't work with this solution. More options for 'trust proxy' are available if you need something more sophisticated than trusting everything passed through in x-forwarded-for header (for example, when your proxy doesn't remove preexisting x-forwarded-for header from untrusted sources). See the linked guide for more details. If your proxy server does not populated x-forwarded-for header, there are two possibilities. The proxy server does not relay the information on where the request was originally. In this case, there would be no way to find out where the request was originally from. You need to modify configuration of the proxy server first. For example, if you use nginx as your reverse proxy, you may need to add proxy_set_header X-Forwarded-For $remote_addr; to your configuration. The proxy server relays the information on where the request was originally from in a proprietary fashion (for example, custom http header). In such case, this answer would not work. There may be a custom way to get that information out, but you need to first understand the mechanism.

其他回答

在我的案例中,类似于这个解决方案,我最终使用了以下x-forward for方法:

let ip = (req.headers['x-forwarded-for'] || '').split(',')[0];

x-forward -for报头将继续添加从源服务器到最终目标服务器的IP路由,因此如果需要检索源客户端的IP,这将是数组的第一项。

这只是这个答案的附加信息。

如果你正在使用nginx,你需要添加proxy_set_header X-Real-IP $remote_addr;到站点的位置块。例如:/etc/nginx/sites-available/www.example.com。下面是一个服务器块示例。

server {
    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;

    location / {
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_pass http://127.0.1.1:3080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

重新启动nginx后,你将能够使用req访问你的节点/express应用程序路由中的ip。headers['x-real-ip'] || req.connection.remoteAddress;

添加app.set('信任代理',true) 使用要求。IP或req。Ips和往常一样

如果你很好使用第三方库。可以检查request-ip。

你可以用is by

import requestIp from 'request-ip';

app.use(requestIp.mw())

app.use((req, res) => {
  const ip = req.clientIp;
});

源代码很长,所以我就不复制了,你可以在https://github.com/pbojinov/request-ip/blob/master/src/index.js上查看

基本上,

It looks for specific headers in the request and falls back to some defaults if they do not exist. The user ip is determined by the following order: X-Client-IP X-Forwarded-For (Header may return multiple IP addresses in the format: "client IP, proxy 1 IP, proxy 2 IP", so we take the the first one.) CF-Connecting-IP (Cloudflare) Fastly-Client-Ip (Fastly CDN and Firebase hosting header when forwared to a cloud function) True-Client-Ip (Akamai and Cloudflare) X-Real-IP (Nginx proxy/FastCGI) X-Cluster-Client-IP (Rackspace LB, Riverbed Stingray) X-Forwarded, Forwarded-For and Forwarded (Variations of #2) req.connection.remoteAddress req.socket.remoteAddress req.connection.socket.remoteAddress req.info.remoteAddress If an IP address cannot be found, it will return null.

公开:我和图书馆没有关系。

如果你在运行一个像NGiNX之类的代理,那么你应该检查'x-forward -for':

var ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress 

如果代理不是“你的”,我不会相信“x-forward -for”报头,因为它可能被欺骗。