我正在使用Sails.js构建node.JS应用程序,该应用程序需要基于用户IP和令牌的验证方法。我的应用程序接收请求者ip并使用另一个应用程序存储的文档进行验证。 我遇到了一个问题,有时我的应用程序看到将错误的IP值分配给请求者。
我有以下验证方法:
validate: function (req, res) {
//get requester IP
ip = (req.headers['x-real-ip'] ||
req.connection.remoteAddress ||
req.socket.remoteAddress ||
req.connection.socket.remoteAddress):
valid = false;
Validation.findOne({token: req.param("token")}).exec(function findVal(err, validation){
if (validation.ip == ip){
console.log("Correct IP");
}
else{
console.log("Wrong IP!");
console.log("token:" + req.param("token"));
console.log("Received:" + ip);
console.log("Expected:" + validation.ip);
}
});
}
偶尔我会得到一个错误的IP"输出,即使请求者IP是正确的 检查MongoDB文档和Nginx日志,我相信我的应用程序有时会使用新请求者的IP覆盖ip值。
-- Nodejs application log in a real scenario
Wrong IP!
token: example123
Received: 150.xx.xx.50
Expected: 186.xx.xx.106
Correct IP
Correct IP
下面的请求指的是上面描述的错误的Ip错误。在Nginx收到的请求中,ip是正确的,而节点应用程序处理的值是错误的。节点收到的IP值与下面日志中的第三个请求相同
-- Nginx access log
186.xx.xx.106 -- [15/Oct/2014:22:10:57 +0000]
"GET /validate?token=example123 HTTP/1.1" 200 2 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; ) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19" "-"
[other request]
150.xx.xx.50 -- [15/Oct/2014:22:10:59 +0000]
"GET /validate?token=notTheSameValue HTTP/1.1" 200 2 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; ) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19" "-"
所以,我有以下情况:
[request 1][Failed]
-> Nginx received request from IP 186.xx.xx.106 with param: token = example123
-> Node application received request from IP 150.xx.xx.50 with param: token = example123
[request 2][OK]
data ommited
[request 3][OK]
-> Nginx received request from IP 150.xx.xx.50 with param: token = notTheSameValue
-> Node application received request from IP 150.xx.xx.50 with param: token = notTheSameValue
我已经仔细检查了mongodb文档中创建的所有值,我用它来验证请求者IP。
有没有人知道造成这个问题的原因是什么?也许用方法来获取请求者IP?我感谢任何帮助。