乐闻世界logo
搜索文章和话题

Koajs 如何获取客户端 ip ?

9 个月前提问
6 个月前修改
浏览次数131

4个答案

1
2
3
4

在 Koa.js 中,可以通过请求对象(ctx.request)访问客户端的 IP 地址。最直接的方法是使用 ctx.request.ip 属性。但在实际部署中,很多应用会放在代理(如 Nginx)后面,这时直接获取的 IP 可能是代理服务器的 IP。为了获取实际的客户端 IP,通常会通过 X-Forwarded-For 请求头来获取。

这里有一个简单的例子说明如何在 Koa.js 中获取客户端的真实 IP 地址:

javascript
const Koa = require('koa'); const app = new Koa(); // Trust proxy headers app.proxy = true; app.use(async ctx => { // 获取真实客户端 IP 地址 const clientIp = ctx.request.ip; // 如果使用了代理,那么可以通过以下方式获取真实 IP // const xForwardedFor = ctx.request.header['x-forwarded-for']; // const realClientIp = xForwardedFor ? xForwardedFor.split(',')[0] : clientIp; ctx.body = `Your IP address is: ${clientIp}`; }); app.listen(3000, () => { console.log('Server is running on http://localhost:3000'); });

在上面的代码中:

  • app.proxy = true; 告诉 Koa 信任代理头信息(比如 X-Forwarded-For),这通常在应用部署在代理之后时设置。
  • ctx.request.ip 用于获取请求的 IP 地址。若设置了 app.proxy = true;,Koa 会自动考虑 X-Forwarded-For 头信息。
  • 我们注释掉的两行代码显示了如何手动从 X-Forwarded-For 头信息中提取客户端的真实 IP。这可能在不同的部署设置中有所不同,因为有些代理会添加多个 IP 地址到 X-Forwarded-For

确保在生产环境中谨慎设置 app.proxy = true;,因为它会信任请求头中的 IP 地址。只有当您确信代理是可信的并且已正确配置时,才应该这样做。错误地信任代理头信息可能会导致安全问题。

2024年6月29日 12:07 回复

Koa 1:

Assuming you have no reverse proxy in place, you can use this.request.ip like this:

shell
router.get('/admin.html', function *(next) { const clientIP = this.request.ip; this.body = `Hello World ${clientIP}`; });

This feature is documented in the request documentation. You can always access said request object as this.request.

If you have a reverse proxy in place, you'll always get the IP address of the reverse proxy. In this case, it's more tricky: In the reverse proxy configuration, you need to add a special header, e.g. X-Orig-IP with the original client IP.

Then, you can access it in koa with:

shell
const clientIp = this.request.headers["X-Orig-IP"];

Koa 2:

The approach is quite similar, only the syntax is slightly different:

shell
router.get('/', async (ctx, next) => { const clientIP = ctx.request.ip; ctx.body = `Hello World ${clientIP}`; })
2024年6月29日 12:07 回复

If you add app.proxy=true you can still use request.ip without having to worry about the IP headers.

2024年6月29日 12:07 回复

I had the same problem but resolved it by using this module found on NPM request-ip

in koa it can be simply used userIp = requestIp.getClientIp(ctx.request)

The user ip is determined by the following order:

shell
X-Client-IP X-Forwarded-For (Header may return multiple IP addresses in the format: "client IP, proxy 1 IP, proxy 2 IP", so we take the the first one.) CF-Connecting-IP (Cloudflare) Fastly-Client-Ip (Fastly CDN and Firebase hosting header when forwared to a cloud function) True-Client-Ip (Akamai and Cloudflare) X-Real-IP (Nginx proxy/FastCGI) X-Cluster-Client-IP (Rackspace LB, Riverbed Stingray) X-Forwarded, Forwarded-For and Forwarded (Variations of #2) req.connection.remoteAddress req.socket.remoteAddress req.connection.socket.remoteAddress req.info.remoteAddress

If an IP address cannot be found, it will return null.

2024年6月29日 12:07 回复

你的答案