Get client ip in koa js

在 Koa.js 中，可以通过请求对象（ctx.request）访问客户端的 IP 地址。最直接的方法是使用 ctx.request.ip 属性。但在实际部署中，很多应用会放在代理（如 Nginx）后面，这时直接获取的 IP 可能是代理服务器的 IP。为了获取实际的客户端 IP，通常会通过 X-Forwarded-For 请求头来获取。

这里有一个简单的例子说明如何在 Koa.js 中获取客户端的真实 IP 地址：

javascript
const Koa = require('koa');
const app = new Koa();

// Trust proxy headers
app.proxy = true;

app.use(async ctx => {
  // 获取真实客户端 IP 地址
  const clientIp = ctx.request.ip;

  // 如果使用了代理，那么可以通过以下方式获取真实 IP
  // const xForwardedFor = ctx.request.header['x-forwarded-for'];
  // const realClientIp = xForwardedFor ? xForwardedFor.split(',')[0] : clientIp;

  ctx.body = `Your IP address is: ${clientIp}`;
});

app.listen(3000, () => {
  console.log('Server is running on http://localhost:3000');
});

在上面的代码中：

• app.proxy = true; 告诉 Koa 信任代理头信息（比如 X-Forwarded-For），这通常在应用部署在代理之后时设置。
• ctx.request.ip 用于获取请求的 IP 地址。若设置了 app.proxy = true;，Koa 会自动考虑 X-Forwarded-For 头信息。
• 我们注释掉的两行代码显示了如何手动从 X-Forwarded-For 头信息中提取客户端的真实 IP。这可能在不同的部署设置中有所不同，因为有些代理会添加多个 IP 地址到 X-Forwarded-For。

确保在生产环境中谨慎设置 app.proxy = true;，因为它会信任请求头中的 IP 地址。只有当您确信代理是可信的并且已正确配置时，才应该这样做。错误地信任代理头信息可能会导致安全问题。

Koa 1:

Assuming you have no reverse proxy in place, you can use this.request.ip like this:

shell
router.get('/admin.html', function *(next) {
    const clientIP = this.request.ip;
    this.body = `Hello World ${clientIP}`;
});

This feature is documented in the request documentation. You can always access said request object as this.request.

If you have a reverse proxy in place, you'll always get the IP address of the reverse proxy. In this case, it's more tricky: In the reverse proxy configuration, you need to add a special header, e.g. X-Orig-IP with the original client IP.

Then, you can access it in koa with:

shell
const clientIp = this.request.headers["X-Orig-IP"];

Koa 2:

The approach is quite similar, only the syntax is slightly different:

shell
router.get('/', async (ctx, next) => {
    const clientIP = ctx.request.ip;
    ctx.body = `Hello World ${clientIP}`;
})

If you add app.proxy=true you can still use request.ip without having to worry about the IP headers.

I had the same problem but resolved it by using this module found on NPM request-ip

in koa it can be simply used userIp = requestIp.getClientIp(ctx.request)

The user ip is determined by the following order:

shell
X-Client-IP
X-Forwarded-For (Header may return multiple IP addresses in the format: "client IP, proxy 1 IP, proxy 2 IP", so we take the the first one.)
CF-Connecting-IP (Cloudflare)
Fastly-Client-Ip (Fastly CDN and Firebase hosting header when forwared to a cloud function)
True-Client-Ip (Akamai and Cloudflare)
X-Real-IP (Nginx proxy/FastCGI)
X-Cluster-Client-IP (Rackspace LB, Riverbed Stingray)
X-Forwarded, Forwarded-For and Forwarded (Variations of #2)
req.connection.remoteAddress
req.socket.remoteAddress
req.connection.socket.remoteAddress
req.info.remoteAddress

If an IP address cannot be found, it will return null.