我不完全明白我应该如何获得一个远程用户IP地址。
假设我有一个简单的请求路由,如:
app.get(/, function (req, res){
var forwardedIpsStr = req.header('x-forwarded-for');
var IP = '';
if (forwardedIpsStr) {
IP = forwardedIps = forwardedIpsStr.split(',')[0];
}
});
上面的方法是否正确,以获得真实的用户IP地址或有更好的方法?
那么代理呢?
这只是这个答案的附加信息。
如果你正在使用nginx,你需要添加proxy_set_header X-Real-IP $remote_addr;到站点的位置块。例如:/etc/nginx/sites-available/www.example.com。下面是一个服务器块示例。
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.1.1:3080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
重新启动nginx后,你将能够使用req访问你的节点/express应用程序路由中的ip。headers['x-real-ip'] || req.connection.remoteAddress;
虽然来自@alessioalex的答案是有效的,但在Express - guide的Express后台代理部分中有另一种方法。
在初始化代码中添加app.set('trust proxy', true)。
当您想要获取远程客户端的ip时,使用req。IP或req。以通常的方式进行Ips(就好像没有反向代理一样)
可选的阅读:
Use req.ip or req.ips. req.connection.remoteAddress does't work with this solution.
More options for 'trust proxy' are available if you need something more sophisticated than trusting everything passed through in x-forwarded-for header (for example, when your proxy doesn't remove preexisting x-forwarded-for header from untrusted sources). See the linked guide for more details.
If your proxy server does not populated x-forwarded-for header, there are two possibilities.
The proxy server does not relay the information on where the request was originally. In this case, there would be no way to find out where the request was originally from. You need to modify configuration of the proxy server first.
For example, if you use nginx as your reverse proxy, you may need to add proxy_set_header X-Forwarded-For $remote_addr; to your configuration.
The proxy server relays the information on where the request was originally from in a proprietary fashion (for example, custom http header). In such case, this answer would not work. There may be a custom way to get that information out, but you need to first understand the mechanism.