Rails获取用户访问的ip

在rails中获取rails的ip值的方法一般是用:
request.remote_ip

rails2,rails3都是这样调用,但是两者是有区别的
rails2.3.8中的这个方法封装在ActionController::Request类中
从源代码看
 def remote_ip
       remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].scan(/[^,\s]+/)
 
       unless remote_addr_list.blank?
         not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES}
         return not_trusted_addrs.first unless not_trusted_addrs.empty?
       end
       remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',')
 
       if @env.include? 'HTTP_CLIENT_IP'
         if ActionController::Base.ip_spoofing_check && remote_ips && !remote_ips.include?(@env['HTTP_CLIENT_IP'])
           # We don't know which came from the proxy, and which from the user
           raise ActionControllerError.new("IP spoofing attack?!\nHTTP_CLIENT_IP=\#{@env['HTTP_CLIENT_IP'].inspect}\nHTTP_X_FORWARDED_FOR=\#{@env['HTTP_X_FORWARDED_FOR'].inspect}\n")
         end
 
         return @env['HTTP_CLIENT_IP']
       end
 
       if remote_ips
         while remote_ips.size > 1 && TRUSTED_PROXIES =~ remote_ips.last.strip
           remote_ips.pop
         end
 
         return remote_ips.last.strip
       end
 
       @env['REMOTE_ADDR']
     end

获取用户登录信息的http头都封装在了@env这个实例变量里面了

rails3.2.6对以前的代码作了优化,并单独封装了ActionDispatch::Request 这个类
源代码也只是剩下下面几行了
# File actionpack/lib/action_dispatch/http/request.rb, line 159
def remote_ip
  @remote_ip ||= (@env["action_dispatch.remote_ip"] || ip).to_s
end


由于领导跟外面公司合作用了某某的加速服务(网站缓存到了其他地方的服务器上),造成ip获取产生了问题,服务商跟我说他们的真实ip放在了http头的 HTTP_X_REAL_FORWARDED_FOR中,于是打算重新给request写一个方法,获取用户的真实ip。

# 增加代理之后,ip发生了变化,需要取原始的ip地址
class ActionController::Request
  def real_ip
    !@env['HTTP_X_REAL_FORWARDED_FOR'].blank? ? @env['HTTP_X_REAL_FORWARDED_FOR'] : remote_ip
  end
end

你可能感兴趣的:(Rails)