Esempio n. 1
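        /// <summary>
        /// Resolves the IP address to attribute the current request to.
        /// </summary>
        /// <remarks>
        /// The first parsable entry of the <c>X-Forwarded-For</c> header wins over the
        /// connection's remote address. That header is supplied by the client unless a
        /// trusted reverse proxy overwrites it, so the value returned here is only as
        /// trustworthy as the proxy chain in front of the application. If this address
        /// feeds rate limiting or allow-listing, restrict header processing to known
        /// proxies (for example ForwardedHeadersOptions.KnownProxies / KnownNetworks in
        /// the ASP.NET Core forwarded-headers middleware) rather than reading the raw
        /// header from arbitrary peers.
        /// </remarks>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="filterPrivateIP">
        /// When true, forwarded addresses that <c>IPHelper.IsPrivateIpAddress</c> reports
        /// as private are ignored.
        /// </param>
        /// <returns>
        /// The first usable forwarded address, otherwise the connection's remote address,
        /// otherwise <see cref="IPAddress.Loopback"/> when no connection information exists.
        /// </returns>
        protected virtual IPAddress GetClientIP(HttpContext context, bool filterPrivateIP = false)
        {
            var httpConnectionFeature = context.Features.Get<IHttpConnectionFeature>();

            if (httpConnectionFeature == null)
            {
                return IPAddress.Loopback;
            }

            var ipAddress = httpConnectionFeature.RemoteIpAddress ?? IPAddress.Loopback;

            if (!context.Request.Headers.TryGetValue("X-Forwarded-For", out StringValues xForwardedFor)
                || StringValues.IsNullOrEmpty(xForwardedFor))
            {
                return ipAddress;
            }

            // Entries are conventionally separated by ", ", so trim before parsing.
            // Unparsable entries are dropped instead of being mapped to loopback:
            // otherwise a malformed header would make a remote client look like
            // 127.0.0.1, which is a typical allow-list entry.
            var forwardingIps = xForwardedFor.ToString()
                .Split(',')
                .Select(s => IPAddress.TryParse(s.Trim(), out var parsed) ? parsed : null)
                .Where(ip => ip != null)
                .ToList();

            if (filterPrivateIP)
            {
                forwardingIps = forwardingIps.Where(ip => !IPHelper.IsPrivateIpAddress(ip)).ToList();
            }

            // Fall back to the socket-level address when the header yields nothing usable.
            return forwardingIps.Any() ? forwardingIps.First() : ipAddress;
        }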
Esempio n. 2
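        /// <summary>
        /// Decides whether the request matches one of the policy's whitelists
        /// (IP range, request path, User-Agent), checked in that order.
        /// </summary>
        /// <remarks>
        /// Path and User-Agent entries are matched as case-insensitive substrings of
        /// values the client controls, so those two whitelists are a convenience and
        /// not an access control: any client can send a matching User-Agent.
        /// </remarks>
        /// <param name="requestContext">The request being evaluated.</param>
        /// <returns>The class's <c>True</c> task when a whitelist matches, otherwise <c>False</c>.</returns>
        public Task<bool> IsWhitelisted(RequestContext requestContext)
        {
            // NOTE(review): every whitelist below is consulted only when IpWhitelist is
            // non-empty; a policy with just path or User-Agent entries never matches.
            // Kept as in the original - confirm whether that gating is intended.
            if (_throttlePolicy?.IpWhitelist?.Count > 0)
            {
                var ipAddress = requestContext.RequestIP;

                if (_throttlePolicy.EnableIP)
                {
                    var ipMatched = _throttlePolicy.IpWhitelist.Any(white =>
                    {
                        IPHelper.GetRange(white, out IPAddress begin, out IPAddress end);
                        if (ipAddress.AddressFamily != begin.AddressFamily)
                        {
                            // An IPv4 address is never compared against an IPv6 range or vice versa.
                            return false;
                        }

                        // Presumably tests begin <= address <= end byte-wise; verify against Bits.
                        var adrBytes = ipAddress.GetAddressBytes();
                        return Bits.GE(begin.GetAddressBytes(), adrBytes) && Bits.LE(end.GetAddressBytes(), adrBytes);
                    });

                    if (ipMatched)
                    {
                        return True;
                    }
                }

                if (_throttlePolicy.EnableRequestPath)
                {
                    var pathValue = requestContext.Request.Path.Value;

                    // The original compared "Value?.IndexOf(...) != -1"; with a null Value the
                    // lifted comparison is true, so a request without a path value matched
                    // every whitelist entry. A null path now matches nothing.
                    if (pathValue != null
                        && _throttlePolicy.RequestPathWhitelist != null
                        && _throttlePolicy.RequestPathWhitelist.Any(white =>
                               pathValue.IndexOf(white, 0, StringComparison.OrdinalIgnoreCase) != -1))
                    {
                        return True;
                    }
                }

                if (_throttlePolicy.EnableUserAgent)
                {
                    var userAgent = requestContext.Request.Headers["User-Agent"];

                    // The original returned True here for a missing User-Agent under a comment
                    // reading "forbid access with an invalid User-Agent". Whitelisting such
                    // requests did the opposite: omitting the header exempted the request.
                    // A missing header now simply matches no User-Agent entry.
                    if (userAgent.Count > 0 && _throttlePolicy.UserAgentWhitelist != null)
                    {
                        var userAgentText = userAgent.ToString();
                        if (_throttlePolicy.UserAgentWhitelist.Any(white =>
                                userAgentText.IndexOf(white, 0, StringComparison.OrdinalIgnoreCase) != -1))
                        {
                            return True;
                        }
                    }
                }
            }

            return False;
        }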
Esempio n. 3
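        /// <summary>
        /// Lazily yields every rate quota whose rule matches the request: first IP-range
        /// rules, then User-Agent rules, then request-path rules.
        /// </summary>
        /// <remarks>
        /// User-Agent and path rules are case-insensitive substring matches against
        /// client-supplied values. A client can avoid a User-Agent rule by changing or
        /// omitting the header, so pair such rules with an IP rule where the limit matters.
        /// </remarks>
        /// <param name="requestContext">The request being evaluated.</param>
        /// <returns>The quotas of all matching rules; empty when nothing matches.</returns>
        private IEnumerable<RateQuota> FetchRateQuota(RequestContext requestContext)
        {
            // ip rate limit
            if (_throttlePolicy.IPRules?.Count > 0)
            {
                var ipAddress = requestContext.RequestIP;
                foreach (var entry in _throttlePolicy.IPRules)
                {
                    IPHelper.GetRange(entry.Key, out IPAddress begin, out IPAddress end);
                    if (ipAddress.AddressFamily != begin.AddressFamily)
                    {
                        // Skip ranges of the other address family (IPv4 vs IPv6).
                        continue;
                    }

                    // Presumably tests begin <= address <= end byte-wise; verify against Bits.
                    var adrBytes = ipAddress.GetAddressBytes();
                    if (Bits.GE(begin.GetAddressBytes(), adrBytes) && Bits.LE(end.GetAddressBytes(), adrBytes))
                    {
                        yield return entry.Value;
                    }
                }
            }

            // UserAgent rate limit
            if (_throttlePolicy.UserAgentRules?.Count > 0)
            {
                var userAgent = requestContext.Request.Headers["User-Agent"];
                if (userAgent.Count > 0)
                {
                    // Join the header values once rather than once per rule.
                    var userAgentText = userAgent.ToString();
                    foreach (var entry in _throttlePolicy.UserAgentRules)
                    {
                        if (userAgentText.IndexOf(entry.Key, 0, StringComparison.OrdinalIgnoreCase) != -1)
                        {
                            yield return entry.Value;
                        }
                    }
                }
            }

            // RequestPath rate limit
            if (_throttlePolicy.RequestPathRules?.Count > 0)
            {
                var pathValue = requestContext.Request.Path.Value;

                // The original tested "Value?.IndexOf(...) != -1"; for a null Value the lifted
                // comparison is true, so every path rule's quota was yielded. A null path
                // now matches no path rule.
                if (pathValue != null)
                {
                    foreach (var entry in _throttlePolicy.RequestPathRules)
                    {
                        if (pathValue.IndexOf(entry.Key, 0, StringComparison.OrdinalIgnoreCase) != -1)
                        {
                            yield return entry.Value;
                        }
                    }
                }
            }
        }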