这里有很多很棒的观点，但没有一个是全面的，所以这里是我最终使用的:

function getIP(req) {
  // req.connection is deprecated
  const conRemoteAddress = req.connection?.remoteAddress
  // req.socket is said to replace req.connection
  const sockRemoteAddress = req.socket?.remoteAddress
  // some platforms use x-real-ip
  const xRealIP = req.headers['x-real-ip']
  // most proxies use x-forwarded-for
  const xForwardedForIP = (() => {
    const xForwardedFor = req.headers['x-forwarded-for']
    if (xForwardedFor) {
      // The x-forwarded-for header can contain a comma-separated list of
      // IP's. Further, some are comma separated with spaces, so whitespace is trimmed.
      const ips = xForwardedFor.split(',').map(ip => ip.trim())
      return ips[0]
    }
  })()
  // prefer x-forwarded-for and fallback to the others
  return xForwardedForIP || xRealIP || sockRemoteAddress || conRemoteAddress
}

请求。headers['x-forwarded-for'] || request.connection.remoteAddress . headers['x-forwarded-for'

如果有x-forward -for报头，则使用它，否则使用. remoteaddress属性。

The x-forwarded-for header is added to requests that pass through load balancers (or other types of proxy) set up for HTTP or HTTPS (it's also possible to add this header to requests when balancing at a TCP level using proxy protocol). This is because the request.connection.remoteAddress the property will contain the private IP address of the load balancer rather than the public IP address of the client. By using an OR statement, in the order above, you check for the existence of an x-forwarded-for header and use it if it exists otherwise use the request.connection.remoteAddress.

在你的请求对象中有一个属性叫socket，它是一个网络。套接字对象。净。套接字对象有一个属性remoteAddress，因此你应该能够通过这个调用得到IP:

request.socket.remoteAddress

(如果您的节点版本低于13，请使用已弃用的request.connection.remoteAddress)

EDIT

正如@juand在评论中指出的那样，如果服务器位于代理之后，获得远程IP的正确方法是request.headers['x-forwarded-for']

编辑2

在Node.js中使用express时:

如果你设置了app.set('信任代理'，true)，请请求。ip将返回真实ip地址，即使在代理。查看文档了解更多信息

以下函数涵盖了所有的情况，将会有所帮助

var ip;
if (req.headers['x-forwarded-for']) {
    ip = req.headers['x-forwarded-for'].split(",")[0];
} else if (req.connection && req.connection.remoteAddress) {
    ip = req.connection.remoteAddress;
} else {
    ip = req.ip;
}console.log("client IP is *********************" + ip);

如果你有多个ip，这对我来说是可行的:

Var ipaddress = (req。标题(“x-forwarded-for”)| | req.connection.remoteAddress | | req.socket.remoteAddress | | req.connection.socket.remoteAddress) .split (", ") [0];

我试过了，但都没用，

console.log(clientIp);
console.log(req.ip);

console.log(req.headers['x-forwarded-for']);
console.log(req.connection.remoteAddress);
console.log(req.socket.remoteAddress);
console.log(req.connection.socket.remoteAddress.split(",")[0]);

当在Nginx代理后运行Express应用程序时，你必须将应用程序变量信任代理设置为true。Express提供了其他一些信任代理值，您可以在它们的文档中查看这些值，但以下步骤对我来说是有效的。

app.set('trust proxy'， true)

App.set('信任代理'，true);

在Nginx中添加proxy_set_header X-Forwarded-For $remote_addr 服务器块的配置。

位置/ { proxy_pass http://localhost: 3001; proxy_http_version 1.1; 升级$http_upgrade; 连接“升级”; 主机$ Host; proxy_set_header X-Forwarded-For $remote_addr;#这一行 proxy_cache_bypass http_upgrade美元; ｝

对象中读取客户端的IP地址 req.header('x-forwarded-for')或req.connection.remoteAddress;ipfilter的完整代码

module.exports = function(req, res, next) { let enable = true; // true/false let blacklist = ['x.x.x.x']; let whitelist = ['x.x.x.x']; let clientIp = req.header('x-forwarded-for') || req.connection.remoteAddress; if (!clientIp) { return res.json('Error'); } if (enable && paths.some((path) => (path === req.originalUrl))) { let blacklist = blacklist || []; if (blacklist.some((ip) => clientIp.match(ip) !== null)) { return res.json({ status: 401, error: 'Your IP is black-listed !'}); } let whitelist = whitelist || []; if (whitelist.length === 0 || whitelist.some((ip) => clientIp.match(ip) !== null)) { next(); return; } else { return res.json({ status: 401, error: 'Your IP is not listed !'}); } } next(); };