我不完全明白我应该如何获得一个远程用户IP地址。
假设我有一个简单的请求路由,如:
app.get(/, function (req, res){
var forwardedIpsStr = req.header('x-forwarded-for');
var IP = '';
if (forwardedIpsStr) {
IP = forwardedIps = forwardedIpsStr.split(',')[0];
}
});
上面的方法是否正确,以获得真实的用户IP地址或有更好的方法? 那么代理呢?
当前回答
虽然来自@alessioalex的答案是有效的,但在Express - guide的Express后台代理部分中有另一种方法。
在初始化代码中添加app.set('trust proxy', true)。 当您想要获取远程客户端的ip时,使用req。IP或req。以通常的方式进行Ips(就好像没有反向代理一样)
可选的阅读:
Use req.ip or req.ips. req.connection.remoteAddress does't work with this solution. More options for 'trust proxy' are available if you need something more sophisticated than trusting everything passed through in x-forwarded-for header (for example, when your proxy doesn't remove preexisting x-forwarded-for header from untrusted sources). See the linked guide for more details. If your proxy server does not populated x-forwarded-for header, there are two possibilities. The proxy server does not relay the information on where the request was originally. In this case, there would be no way to find out where the request was originally from. You need to modify configuration of the proxy server first. For example, if you use nginx as your reverse proxy, you may need to add proxy_set_header X-Forwarded-For $remote_addr; to your configuration. The proxy server relays the information on where the request was originally from in a proprietary fashion (for example, custom http header). In such case, this answer would not work. There may be a custom way to get that information out, but you need to first understand the mechanism.
其他回答
var ip = req.connection.remoteAddress;
IP = IP .split(':')[3];
在我的案例中,类似于这个解决方案,我最终使用了以下x-forward for方法:
let ip = (req.headers['x-forwarded-for'] || '').split(',')[0];
x-forward -for报头将继续添加从源服务器到最终目标服务器的IP路由,因此如果需要检索源客户端的IP,这将是数组的第一项。
headers对象有你需要的一切,只需要这样做:
var ip = req.headers['x-forwarded-for'].split(',')[0];
与could-flare, nginx和x-real-ip支持
var user_ip;
if(req.headers['cf-connecting-ip'] && req.headers['cf-connecting-ip'].split(', ').length) {
let first = req.headers['cf-connecting-ip'].split(', ');
user_ip = first[0];
} else {
let user_ip = req.headers['x-forwarded-for'] || req.headers['x-real-ip'] || req.connection.remoteAddress || req.socket.remoteAddress || req.connection.socket.remoteAddress;
}
虽然来自@alessioalex的答案是有效的,但在Express - guide的Express后台代理部分中有另一种方法。
在初始化代码中添加app.set('trust proxy', true)。 当您想要获取远程客户端的ip时,使用req。IP或req。以通常的方式进行Ips(就好像没有反向代理一样)
可选的阅读:
Use req.ip or req.ips. req.connection.remoteAddress does't work with this solution. More options for 'trust proxy' are available if you need something more sophisticated than trusting everything passed through in x-forwarded-for header (for example, when your proxy doesn't remove preexisting x-forwarded-for header from untrusted sources). See the linked guide for more details. If your proxy server does not populated x-forwarded-for header, there are two possibilities. The proxy server does not relay the information on where the request was originally. In this case, there would be no way to find out where the request was originally from. You need to modify configuration of the proxy server first. For example, if you use nginx as your reverse proxy, you may need to add proxy_set_header X-Forwarded-For $remote_addr; to your configuration. The proxy server relays the information on where the request was originally from in a proprietary fashion (for example, custom http header). In such case, this answer would not work. There may be a custom way to get that information out, but you need to first understand the mechanism.
