我不完全明白我应该如何获得一个远程用户IP地址。
假设我有一个简单的请求路由,如:
app.get(/, function (req, res){
var forwardedIpsStr = req.header('x-forwarded-for');
var IP = '';
if (forwardedIpsStr) {
IP = forwardedIps = forwardedIpsStr.split(',')[0];
}
});
上面的方法是否正确,以获得真实的用户IP地址或有更好的方法? 那么代理呢?
当前回答
根据快递背后的代理,要求。如果正确配置了信任代理,则IP已考虑反向代理。因此,它比req.connection.remoteAddress要好,因为req.connection.remoteAddress是从网络层获取的,不需要代理。
其他回答
如果你很好使用第三方库。可以检查request-ip。
你可以用is by
import requestIp from 'request-ip';
app.use(requestIp.mw())
app.use((req, res) => {
const ip = req.clientIp;
});
源代码很长,所以我就不复制了,你可以在https://github.com/pbojinov/request-ip/blob/master/src/index.js上查看
基本上,
It looks for specific headers in the request and falls back to some defaults if they do not exist. The user ip is determined by the following order: X-Client-IP X-Forwarded-For (Header may return multiple IP addresses in the format: "client IP, proxy 1 IP, proxy 2 IP", so we take the the first one.) CF-Connecting-IP (Cloudflare) Fastly-Client-Ip (Fastly CDN and Firebase hosting header when forwared to a cloud function) True-Client-Ip (Akamai and Cloudflare) X-Real-IP (Nginx proxy/FastCGI) X-Cluster-Client-IP (Rackspace LB, Riverbed Stingray) X-Forwarded, Forwarded-For and Forwarded (Variations of #2) req.connection.remoteAddress req.socket.remoteAddress req.connection.socket.remoteAddress req.info.remoteAddress If an IP address cannot be found, it will return null.
公开:我和图书馆没有关系。
如果你在运行一个像NGiNX之类的代理,那么你应该检查'x-forward -for':
var ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress
如果代理不是“你的”,我不会相信“x-forward -for”报头,因为它可能被欺骗。
我知道这个问题已经有了答案,但下面是我如何让我的问题起作用的。
let ip = req.connection.remoteAddress.split(`:`).pop();
根据快递背后的代理,要求。如果正确配置了信任代理,则IP已考虑反向代理。因此,它比req.connection.remoteAddress要好,因为req.connection.remoteAddress是从网络层获取的,不需要代理。
var ip = req.connection.remoteAddress;
IP = IP .split(':')[3];
