2024-03-26 14:22:13 +08:00
3 changed files with 32 additions and 5 deletions
--- a/src/main/kotlin/top/fatweb/oxygen/api/aop/SysLogInterceptor.kt
+++ b/src/main/kotlin/top/fatweb/oxygen/api/aop/SysLogInterceptor.kt
@@ -49,7 +49,7 @@ class SysLogInterceptor(
            requestUri = URI(request.requestURI).path
            requestParams = formatParams(request.parameterMap)
            requestMethod = request.method
-            requestIp = request.remoteAddr
+            requestIp = WebUtil.getRequestIp(request)
            requestServerAddress = "${request.scheme}://${request.serverName}:${request.serverPort}"
            userAgent = request.getHeader("User-Agent")
        }
--- a/src/main/kotlin/top/fatweb/oxygen/api/service/permission/impl/AuthenticationServiceImpl.kt
+++ b/src/main/kotlin/top/fatweb/oxygen/api/service/permission/impl/AuthenticationServiceImpl.kt
@@ -165,7 +165,7 @@ class AuthenticationServiceImpl(
            LocalDateTime.now(ZoneOffset.UTC).toInstant(ZoneOffset.UTC).toEpochMilli()
        }-${UUID.randomUUID()}-${UUID.randomUUID()}-${UUID.randomUUID()}"
        userService.update(KtUpdateWrapper(User()).eq(User::id, user.id).set(User::forget, code))
-        sendRetrieveMail(user.username!!, request.remoteAddr, code, forgetParam.email!!)
+        sendRetrieveMail(user.username!!, WebUtil.getRequestIp(request), code, forgetParam.email!!)
    }

    @Transactional
@@ -197,7 +197,7 @@ class AuthenticationServiceImpl(

        WebUtil.offlineUser(redisUtil, user.id!!)

-        sendPasswordChangedMail(user.username!!, request.remoteAddr, userInfo!!.email!!)
+        sendPasswordChangedMail(user.username!!, WebUtil.getRequestIp(request), userInfo!!.email!!)
    }

    @EventLogRecord(EventLog.Event.LOGIN)
@@ -377,9 +377,9 @@ class AuthenticationServiceImpl(
            }
        }

-        logger.info("用户登录 [用户名: '{}', IP: '{}']", loginUser.username, request.remoteAddr)
+        logger.info("用户登录 [用户名: '{}', IP: '{}']", loginUser.username, WebUtil.getRequestIp(request))
        userService.update(User().apply {
-            currentLoginIp = request.remoteAddr
+            currentLoginIp = WebUtil.getRequestIp(request)
            currentLoginTime = LocalDateTime.now(ZoneOffset.UTC)
            lastLoginIp = loginUser.user.currentLoginIp
            lastLoginTime = loginUser.user.currentLoginTime
--- a/src/main/kotlin/top/fatweb/oxygen/api/util/WebUtil.kt
+++ b/src/main/kotlin/top/fatweb/oxygen/api/util/WebUtil.kt
@@ -76,4 +76,31 @@ object WebUtil {

        redisUtil.delObject(keys)
    }
+
+    /**
+     * Get real request IP
+     *
+     * @param request HttpServletRequest object
+     * @return IP address
+     * @author FatttSnake, fatttsnake@gmail.com
+     * @since 1.0.0
+     * @see HttpServletRequest
+     */
+    fun getRequestIp(request: HttpServletRequest): String {
+        var ip = request.getHeader("X-Real-IP")
+        if (!ip.isNullOrBlank() && !"unknown".equals(ip, true)) {
+            return ip
+        }
+        ip = request.getHeader("X-Forwarded-For")
+        return if (!ip.isNullOrBlank() && !"unknown".equals(ip, true)) {
+            val index = ip.indexOf(",")
+            if (index != -1) {
+                ip.substring(0, index)
+            } else {
+                ip
+            }
+        } else {
+            request.remoteAddr
+        }
+    }
 }