feat: 一个plus版的反代自定义配置实现 #22

MeoProject · Jan 13, 2024 · 427cc72 · 427cc72 · esme518 · Jan 13, 2024
1 parent 5528f64
commit 427cc72
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 6 deletions.
diff --git a/common/config.py b/common/config.py
@@ -62,6 +62,17 @@ class ConfigReadException(Exception):
                 "privkey": "/path/to/your/private/key",
             },
         },
+        "reverse_proxy": {
+            "desc": "针对类似于nginx一类的反代的配置",
+            "allow_proxy": True,
+            "_allow_proxy-desc": "是否允许反代",
+            "proxy_whitelist_remote": [
+                "反代时允许的ip来源列表，通常为127.0.0.1",
+                "127.0.0.1"
+            ],
+            "real_ip_header": 'X-Real-IP',
+            "_real_ip_header-desc": "反代来源ip的来源头，不懂请保持默认",
+        },
         "debug_mode": False,
         "_debug_mode-desc": "是否开启调试模式",
         "log_length_limit": 500,

diff --git a/main.py b/main.py
@@ -32,7 +32,7 @@
 import time
 import os
 
-def handleResult(dic, status = 200):
+def handleResult(dic, status = 200) -> Response:
     return Response(body = json.dumps(dic, indent=2, ensure_ascii=False), content_type='application/json', status = status)
 
 logger = log.log("main")
@@ -46,16 +46,22 @@ def handleResult(dic, status = 200):
 else:
     stopEvent = asyncio.exceptions.CancelledError
 
-def start_checkcn_thread():
+def start_checkcn_thread() -> None:
     threading.Thread(target=Httpx.checkcn).start()
 
 # check request info before start
 async def handle_before_request(app, handler):
     async def handle_request(request):
         try:
-            # nginx proxy header
-            if (request.headers.get("X-Real-IP")):
-                request.remote_addr = request.headers.get("X-Real-IP")
+            if (config.read_config('common.reverse_proxy.enable')):
+                if (request.headers.get(config.read_config('common.reverse_proxy.real_ip_header'))):
+                    # proxy header
+                    if (request.remote in config.read_config('common.reverse_proxy.proxy_whitelist_remote')):
+                        request.remote_addr = request.headers.get(config.read_config('common.reverse_proxy.real_ip_header'))
+                    else:
+                        return handleResult({"code": 1, "msg": "反代客户端远程地址不在反代ip白名单中", "data": None}, 403)
+                else:
+                    request.remote_addr = request.remote
             else:
                 request.remote_addr = request.remote
             # check ip
@@ -91,7 +97,7 @@ async def handle_request(request):
                 resp = handleResult(resp)
             elif (not isinstance(resp, Response)):
                 resp = Response(body = str(resp), content_type='text/plain', status = 200)
-            aiologger.info(f'{request.remote_addr} - {request.method} "{request.path}", {resp.status}')
+            aiologger.info(f'{request.remote_addr + "" if (request.remote == request.remote_addr) else f"|proxy@{request.remote}"} - {request.method} "{request.path}", {resp.status}')
             return resp
         except: 
             logger.error(traceback.format_exc())