manager/orion-visor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔨 IP 请求头可配置.

Browse Source
This commit is contained in:
lijiahangmax
2025-10-27 09:50:17 +08:00
parent 90705781f2
commit 3a8addb4d2
7 changed files with 95 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.env.example
View File

@@ -6,6 +6,7 @@ SPRING_PROFILES_ACTIVE=prod
DEMO_MODE=false DEMO_MODE=false
API_CORS=true API_CORS=true
API_IP_HEADERS=X-Forwarded-For,X-Real-IP
API_EXPOSE_TOKEN=pmqeHOyZaumHm0Wt API_EXPOSE_TOKEN=pmqeHOyZaumHm0Wt
SECRET_KEY=uQeacXV8b3isvKLK SECRET_KEY=uQeacXV8b3isvKLK

1
docker-compose.yaml
View File

@@ -49,6 +49,7 @@ services:
GUACD_DRIVE_PATH: ${GUACD_DRIVE_PATH:-/drive} GUACD_DRIVE_PATH: ${GUACD_DRIVE_PATH:-/drive}
SECRET_KEY: ${SECRET_KEY:-uQeacXV8b3isvKLK} SECRET_KEY: ${SECRET_KEY:-uQeacXV8b3isvKLK}
API_EXPOSE_TOKEN: ${API_EXPOSE_TOKEN:-pmqeHOyZaumHm0Wt} API_EXPOSE_TOKEN: ${API_EXPOSE_TOKEN:-pmqeHOyZaumHm0Wt}
API_IP_HEADERS: ${API_IP_HEADERS:-X-Forwarded-For,X-Real-IP}
API_CORS: ${API_CORS:-true} API_CORS: ${API_CORS:-true}
DEMO_MODE: ${DEMO_MODE:-false} DEMO_MODE: ${DEMO_MODE:-false}
volumes: volumes:

55
orion-visor-common/src/main/java/org/dromara/visor/common/configuration/CommonConfiguration.java Normal file
View File

@@ -0,0 +1,55 @@
/*
* Copyright (c) 2023 - present Dromara, All rights reserved.
*
* https://visor.dromara.org
* https://visor.dromara.org.cn
* https://visor.orionsec.cn
*
* Members:
* Jiahang Li - ljh1553488six@139.com - author
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.dromara.visor.common.configuration;
import lombok.extern.slf4j.Slf4j;
import org.dromara.visor.common.utils.IpUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import javax.annotation.PostConstruct;
/**
* 公共配置类
*
* @author Jiahang Li
* @version 1.0.0
* @since 2023/6/20 10:34
*/
@Slf4j
@Configuration
public class CommonConfiguration {
@Value("${orion.api.ip-headers}")
private String[] ipHeaders;
/**
* 设置 IP 请求头
*/
@PostConstruct
public void setIpHeader() {
IpUtils.setIpHeader(ipHeaders);
log.info("IpUtils.setIpHeader {}", String.join(",", ipHeaders));
}
}

41
orion-visor-common/src/main/java/org/dromara/visor/common/utils/IpUtils.java
View File

@@ -24,7 +24,7 @@ package org.dromara.visor.common.utils;
import cn.orionsec.kit.ext.location.Region; import cn.orionsec.kit.ext.location.Region;
import cn.orionsec.kit.ext.location.region.LocationRegions; import cn.orionsec.kit.ext.location.region.LocationRegions;
import cn.orionsec.kit.web.servlet.web.Servlets; import cn.orionsec.kit.lang.utils.net.IPs;
import org.dromara.visor.common.constant.Const; import org.dromara.visor.common.constant.Const;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@@ -40,6 +40,8 @@ import java.util.Map;
*/ */
public class IpUtils { public class IpUtils {
private static String[] IP_HEADER = new String[]{"X-Forwarded-For", "X-Real-IP"};
private static final Map<String, String> CACHE = new HashMap<>(); private static final Map<String, String> CACHE = new HashMap<>();
private IpUtils() { private IpUtils() {
@@ -52,13 +54,17 @@ public class IpUtils {
* @return addr * @return addr
*/ */
public static String getRemoteAddr(HttpServletRequest request) { public static String getRemoteAddr(HttpServletRequest request) {
// 获取实际地址 X_REAL_IP 在多代理情况下会有问题 if (request == null) {
// String realIp = request.getHeader(StandardHttpHeader.X_REAL_IP); return null;
// if (!Strings.isBlank(realIp)) { } else {
// return realIp; for (String remoteAddrHeader : IP_HEADER) {
// } String addr = checkIpHeader(request.getHeader(remoteAddrHeader));
// 获取请求地址 if (addr != null) {
return Servlets.getRemoteAddr(request); return addr;
}
}
return checkIpHeader(request.getRemoteAddr());
}
} }
/** /**
@@ -112,4 +118,23 @@ public class IpUtils {
return Const.CN_UNKNOWN; return Const.CN_UNKNOWN;
} }
/**
* 检查 ip 请求头
*
* @param headerValue headerValue
* @return header
*/
private static String checkIpHeader(String headerValue) {
if (headerValue == null) {
return null;
} else {
headerValue = headerValue.split(",")[0];
return IPs.checkIp(headerValue);
}
}
public static void setIpHeader(String[] ipHeader) {
IP_HEADER = ipHeader;
}
} }

3
orion-visor-launch/src/main/resources/application-prod.yaml
View File

@@ -74,6 +74,9 @@ orion:
api: api:
# 是否允许跨域 # 是否允许跨域
cors: ${API_CORS:true} cors: ${API_CORS:true}
# 获取 IP 的请求头
ip-headers: ${API_IP_HEADERS:X-Forwarded-For,X-Real-IP}
# 对外服务
expose: expose:
# 暴露接口请求头值 # 暴露接口请求头值
token: ${API_EXPOSE_TOKEN:pmqeHOyZaumHm0Wt} token: ${API_EXPOSE_TOKEN:pmqeHOyZaumHm0Wt}

2
orion-visor-launch/src/main/resources/application.yaml
View File

@@ -175,6 +175,8 @@ orion:
prefix: ${orion.prefix}/api prefix: ${orion.prefix}/api
# 是否允许跨域 # 是否允许跨域
cors: true cors: true
# 获取 IP 的请求头
ip-headers: X-Forwarded-For,X-Real-IP
# 对外服务 # 对外服务
expose: expose:
# 暴露接口请求头 # 暴露接口请求头

5
orion-visor-modules/orion-visor-module-monitor/orion-visor-module-monitor-service/src/main/java/org/dromara/visor/module/monitor/enums/AlarmEventSourceTypeEnum.java
View File

@@ -41,11 +41,6 @@ public enum AlarmEventSourceTypeEnum {
*/ */
HOST, HOST,
/**
* 拨测告警
*/
UPTIME,
; ;
public static AlarmEventSourceTypeEnum of(String value) { public static AlarmEventSourceTypeEnum of(String value) {