From 5ab20df487dfb63c9a334b38fc3604b6b6c372c9 Mon Sep 17 00:00:00 2001
From: dongwei <838456736@qq.com>
Date: Mon, 14 Jan 2019 12:03:47 +0800
Subject: [PATCH] ip limit & tool selected
---
src/Client.php | 3 +-
src/Middleware/Security.php | 57 ++++++++++++++++++++
src/Providers/LumenServerServiceProvider.php | 6 ++-
src/Server/JsonRpcServer.php | 2 +-
src/Server/JsonRpcTool.php | 6 +--
src/views/tool.blade.php | 2 +-
6 files changed, 68 insertions(+), 8 deletions(-)
create mode 100644 src/Middleware/Security.php
diff --git a/src/Client.php b/src/Client.php
index ac61da1..2f146e4 100644
--- a/src/Client.php
+++ b/src/Client.php
@@ -139,7 +139,8 @@ class Client
*/
protected function id()
{
- return $this->id.'-'.time();
+// return $this->id.'-'.time();
+ return $this->id;
}
}
\ No newline at end of file
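Review bot: The old return statement in `id()` is left behind as a comment (`// return $this->id.'-'.time();`); it should be deleted, since the previous form is already preserved in history. With the time suffix gone, every call from the same client appears to carry the same id, so anything that uses the id to tell individual requests apart (log correlation, matching a response to its request) can no longer do so. If per-request uniqueness is still wanted, a random suffix such as `return $this->id.'-'.bin2hex(random_bytes(8));` would be more reliable than the second-granular `time()` it replaces. Otherwise the docblock above `id()` should say that the value now identifies the client rather than the request.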
diff --git a/src/Middleware/Security.php b/src/Middleware/Security.php
new file mode 100644
index 0000000..5158a24
--- /dev/null
+++ b/src/Middleware/Security.php
@@ -0,0 +1,57 @@
+info("rpc security middleware call here");
+ $ip = $request->getClientIp();
+ if ($this->isClientIPPermitted($ip) == false) {
+ return new JsonResponse("$ip is forbidden", 403);
+ }
+ return $next($request);
+ }
+
+ /**
+ * 内网ip判断
+ * @param $ip
+ * @return bool
+ */
+ private function isClientIPPermitted($ip)
+ {
+ if (!app()->environment('production', 'staging')) {
+ return true;
+ }
+
+ if (Str::startsWith($ip, [
+ '127.0.0.',
+ '192.168.',
+ '10.0.',
+ ])) {
+ return true;
+ }
+ return false;
+ }
+}
\ No newline at end of file
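Review bot: The allowlist in `isClientIPPermitted()` is a string-prefix match, so `'10.0.'` covers only 10.0.x.x rather than the rest of 10.0.0.0/8, and 172.16.0.0/12 and IPv6 loopback are not covered at all. If the intent is "internal addresses only", a CIDR comparison is safer, e.g. `return IpUtils::checkIp($ip, ['127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', '::1']);` with `Symfony\Component\HttpFoundation\IpUtils`, ideally with the ranges read from the `rpc` config. The result is also only as trustworthy as `$request->getClientIp()`: if forwarded headers are trusted from anything other than the known proxies, the address being checked is supplied by the caller, so the trusted-proxy configuration should be confirmed alongside this middleware. The check is skipped entirely outside `production`/`staging`, which deserves a comment, and `== false` would read better as `!$this->isClientIPPermitted($ip)`. The file header and class declaration are not visible in this hunk as shown.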
diff --git a/src/Providers/LumenServerServiceProvider.php b/src/Providers/LumenServerServiceProvider.php
index 2e91aad..930f894 100644
--- a/src/Providers/LumenServerServiceProvider.php
+++ b/src/Providers/LumenServerServiceProvider.php
@@ -4,6 +4,7 @@ namespace JsonRpc\Providers;
use App\Http\Middleware\JsonRpc;
use Illuminate\Support\ServiceProvider;
+use JsonRpc\Middleware\Security;
use JsonRpc\Server\JsonRpcDoc;
use JsonRpc\Server\JsonRpcServer;
use JsonRpc\Server\JsonRpcTool;
@@ -24,9 +25,10 @@ class LumenServerServiceProvider extends ServiceProvider
public function boot()
{
+ $this->app->routeMiddleware(['rpc.security' => Security::class]);
$this->app->router->group([
- 'prefix' => 'rpc'
-// 'middleware' => 'rpc',
+ 'prefix' => 'rpc',
+ 'middleware' => 'rpc.security',
], function () {
$this->app->configure('rpc');
diff --git a/src/Server/JsonRpcServer.php b/src/Server/JsonRpcServer.php
index bc6ddad..6985d48 100644
--- a/src/Server/JsonRpcServer.php
+++ b/src/Server/JsonRpcServer.php
@@ -50,7 +50,7 @@ class JsonRpcServer
} else {
list($method, $params, $id) = $this->parseJson($this->request->getContent());
}
-
+ app('log')->info('rpc ser', [$method, $params, $id, $this->request->header('client_app')]);
list($class, $function) = $this->parseMethodWithMap($method);
// dump($class,$function);exit;
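Review bot: The added `info` call writes the full `$params` of every RPC request to the application log, so any credentials, tokens or personal data passed as arguments end up there. Logging the method, id and caller is usually enough, e.g. `app('log')->info('rpc ser', ['method' => $method, 'id' => $id, 'client_app' => $this->request->header('client_app')]);`, with params kept behind a debug level or a redaction step. The `client_app` header is caller-supplied and, as far as this hunk shows, unauthenticated, so it should be treated as a hint in the log and not as proof of identity. The enclosing method starts and ends outside the hunk.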
diff --git a/src/Server/JsonRpcTool.php b/src/Server/JsonRpcTool.php
index d85760a..a0eebeb 100644
--- a/src/Server/JsonRpcTool.php
+++ b/src/Server/JsonRpcTool.php
@@ -35,10 +35,10 @@ class JsonRpcTool
$view = view();
$params = json_decode($request->input('params'), true);
-
+ $method = $request->input('method');
if ($request->method() == Request::METHOD_POST) {
- $method = $request->input('method');
+
try {
$result = app('rpc.'.$this->config['name'])->call($method, $params);
@@ -47,7 +47,7 @@ class JsonRpcTool
$view->share('error', ['code' => $exception->getCode(), 'message' => $exception->getMessage()]);
}
}
-
+ $view->share('method',$method);
$view->share('endpoint', $this->getEndpoint());
$view->share('methods', $this->getMethods());
$view->share('params', json_encode($params));
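Review bot: `$method` is now read from request input on every request, GET included, and shared with the view, so tool.blade.php receives request-controlled text. The template change is not visible here, so confirm it is only output through escaped `{{ $method }}` (or compared against the `methods` list to mark the selected option) and never through `{!! !!}`. On style, the first hunk in this file leaves a whitespace-only `+` line inside the POST branch, and `$view->share('method',$method);` lacks the space after the comma that the neighbouring `share()` calls use. The enclosing method begins and ends outside both hunks.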
diff --git a/src/views/tool.blade.php b/src/views/tool.blade.php
index d3e2826..5db66da 100644
--- a/src/views/tool.blade.php
+++ b/src/views/tool.blade.php
@@ -60,7 +60,7 @@