通过用户接口获取其真实的ip地址,最终获取到用户所在国家。
针对情况包括:
1、ssr node端请求后端接口 获取ip
2、客户端请求后端接口 获取ip
目前通过接口获取不到外网ip而是内网ip
原因:
主要是依赖于nginx,获取其真实ip
1、nginx 转发到node服务的location中, header里面设置 x-real-ip 为 $remote_addr X-Forwarded-For 设为 $proxy_add_x_forwarded_for;
- location / {
- proxy_pass http://10.10.50.191:88;
- proxy_set_header Host $host;
- # need set x-real-ip and x-forwarded-for to get user ip
- proxy_set_header X-Real-Ip $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
-
- # nginx代理接口
- location ^~ /baseUrl/ {
- proxy_pass http://域名:19000/;
- proxy_cookie_path /baseUrl/ /;
- proxy_pass_header Set-Cookie;
- proxy_set_header Host $host;
- proxy_set_header X-Real-Ip $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
-
2、前端 从 服务器端渲染代码处, async nuxtServerInit (或者async asyncData) 里面获取 req
3、req里面会有 nginx设置进去的header,x-real-ip x-forwarded-for,值为ip地址
4、把它重新设置到axios的header中
5、后端从接口header里面就可以拿到一开始设置的remote_addr了
以上方案针对于 服务器渲染请求的接口,后端从接口中获取其用户的真实ip的情况。主要是依赖前端(req中获取header,重新设入)、nginx、后端配合实现。
对于普通的客户端请求接口,后端从接口中获取其用户的真实ip的情况,也是同样适用。主要是依赖nginx的代理转发,设置header,后端直接获取就可以实现。
后端有ip数据表,里面有很多国家的ip地址,通过查表来获取对应国家简码,如US、CN
- user nginx;
- worker_processes 1;
-
- error_log /var/log/nginx/error.log warn;
- pid /var/run/nginx.pid;
-
-
- events {
- worker_connections 1024;
- }
-
-
- http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for" - $http_x_real_ip - $proxy_add_x_forwarded_for';
-
- access_log /var/log/nginx/access.log main;
-
- client_max_body_size 200m;
-
- sendfile on;
- #tcp_nopush on;
-
- keepalive_timeout 65;
-
- #gzip on;
-
- server {
- listen 80;
- server_name localhost;
-
- #charset koi8-r;
-
- #access_log logs/host.access.log main;
-
- # nginx转发到node
- location / {
- proxy_pass http://10.10.50.97:88;
- proxy_set_header Host $host;
- # need set x-real-ip and x-forwarded-for to get user ip
- proxy_set_header X-Real-Ip $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
- }
-
- #error_page 404 /404.html;
-
- # redirect server error pages to the static page /50x.html
- #
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
-
- # nginx代理接口
- location ^~ /baseUrl/ {
- proxy_pass http://域名:19000/;
- proxy_cookie_path /baseUrl/ /;
- proxy_pass_header Set-Cookie;
- proxy_set_header Host $host;
- proxy_set_header X-Real-Ip $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
-
- include /etc/nginx/conf.d/*.conf;
- }
-
- public final class NetUtils {
- private NetUtils() {
- }
-
- public static String getRealIp(HttpServletRequest request) {
- String ip = request.getHeader("x-forwarded-for");
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("X-Real-IP");
- }
-
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("Proxy-Client-IP");
- }
-
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("WL-Proxy-Client-IP");
- }
-
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("HTTP_CLIENT_IP");
- }
-
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("HTTP_X_FORWARDED_FOR");
- }
-
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getRemoteAddr();
- if ("127.0.1".equals(ip) || "0:0:0:0:0:0:0:1".equals(ip)) {
- InetAddress address = (InetAddress)Safe.call(InetAddress::getLocalHost);
- ip = address.getHostAddress();
- }
- }
-
- if (ip != null && ip.length() > 15) {
- int i = ip.indexOf(",");
- if (i > 0) {
- ip = ip.substring(0, i);
- }
- }
-
- return ip;
- }
- }
-
湘公网安备 43102202000103号
