我想限制访问我的网站在某个控制器中的某些页面到某个IP地址范围,我想出了如何完成但我找不到使用PURE代码获取IP地址范围的方法...反正有可能吗?
您可以在request.remote_ip找到发出请求的客户的IP。
然后定义自定义约束以限制对某些IP或IP范围的访问。
你的route.rb文件看起来像这样
require "ipaddr"
MyApp::Application.routes.draw do
resources :users
constraints Whitelist.new do
get 'protected_routes'
end
end
class WhiteList
def initialize
@ips = ['127.0.0.1', '203.123.10.1']
@ip_ranges = [
{
start_ip: '192.168.0.1',
end_ip: '192.168.0.30'
},
{
start_ip: '10.1.1.1',
end_ip: '10.1.1.100'
}
]
end
def matches?(request)
return true if @ips.include? request.remote_ip
remote_ip_address = IPAddr.new(request.remote_ip).to_i
@ip_ranges.each do |ip_range|
low = IPAddr.new(ip_range[:start_ip]).to_i
high = IPAddr.new(ip_range[:end_ip]).to_i
return true if (low..high)===remote_ip_address
end
return false
end
end
class SomeController < ApplicationController
before_action :restrict_access, only: %i( action1 )
def action1
# something
end
def action2
# something else
end
private
def restrict_access
unless TRUSTED_IPS.include? request.remote_ip
flash[:error] = "Sorry. You are not allowed."
redirect_to root_path
end
end
TRUSTED_IPS = [
"192.168.1.13",
"192.168.1.19",
]
end
这将允许您限制对特定IP的访问。如果要限制到单个IP范围,您还可以执行以下操作:
private
def restrict_access
if !( ip_to_int(request.remote_ip) > ip_to_int(MIN_IP)
and ip_to_int(request.remote_ip) < ip_to_int(MAX_IP) )
flash[:error] = "Sorry. You are not allowed."
redirect_to root_path
end
end
def ip_to_int(ip)
request.remote_ip.split(".").map{|el| el.rjust(3,'0')}.join.to_i
end
MIN_IP = "192.168.0.13"
MAX_IP = "192.168.0.46"