From 5ab20df487dfb63c9a334b38fc3604b6b6c372c9 Mon Sep 17 00:00:00 2001 From: dongwei <838456736@qq.com> Date: Mon, 14 Jan 2019 12:03:47 +0800 Subject: [PATCH] ip limit & tool selected --- src/Client.php | 3 +- src/Middleware/Security.php | 57 ++++++++++++++++++++ src/Providers/LumenServerServiceProvider.php | 6 ++- src/Server/JsonRpcServer.php | 2 +- src/Server/JsonRpcTool.php | 6 +-- src/views/tool.blade.php | 2 +- 6 files changed, 68 insertions(+), 8 deletions(-) create mode 100644 src/Middleware/Security.php diff --git a/src/Client.php b/src/Client.php index ac61da1..2f146e4 100644 --- a/src/Client.php +++ b/src/Client.php @@ -139,7 +139,8 @@ class Client */ protected function id() { - return $this->id.'-'.time(); +// return $this->id.'-'.time(); + return $this->id; } } \ No newline at end of file diff --git a/src/Middleware/Security.php b/src/Middleware/Security.php new file mode 100644 index 0000000..5158a24 --- /dev/null +++ b/src/Middleware/Security.php @@ -0,0 +1,57 @@ +info("rpc security middleware call here"); + $ip = $request->getClientIp(); + if ($this->isClientIPPermitted($ip) == false) { + return new JsonResponse("$ip is forbidden", 403); + } + return $next($request); + } + + /** + * 内网ip判断 + * @param $ip + * @return bool + */ + private function isClientIPPermitted($ip) + { + if (!app()->environment('production', 'staging')) { + return true; + } + + if (Str::startsWith($ip, [ + '127.0.0.', + '192.168.', + '10.0.', + ])) { + return true; + } + return false; + } +} \ No newline at end of file diff --git a/src/Providers/LumenServerServiceProvider.php b/src/Providers/LumenServerServiceProvider.php index 2e91aad..930f894 100644 --- a/src/Providers/LumenServerServiceProvider.php +++ b/src/Providers/LumenServerServiceProvider.php @@ -4,6 +4,7 @@ namespace JsonRpc\Providers; use App\Http\Middleware\JsonRpc; use Illuminate\Support\ServiceProvider; +use JsonRpc\Middleware\Security; use JsonRpc\Server\JsonRpcDoc; use JsonRpc\Server\JsonRpcServer; use JsonRpc\Server\JsonRpcTool; @@ -24,9 +25,10 @@ class LumenServerServiceProvider extends ServiceProvider public function boot() { + $this->app->routeMiddleware(['rpc.security' => Security::class]); $this->app->router->group([ - 'prefix' => 'rpc' -// 'middleware' => 'rpc', + 'prefix' => 'rpc', + 'middleware' => 'rpc.security', ], function () { $this->app->configure('rpc'); diff --git a/src/Server/JsonRpcServer.php b/src/Server/JsonRpcServer.php index bc6ddad..6985d48 100644 --- a/src/Server/JsonRpcServer.php +++ b/src/Server/JsonRpcServer.php @@ -50,7 +50,7 @@ class JsonRpcServer } else { list($method, $params, $id) = $this->parseJson($this->request->getContent()); } - + app('log')->info('rpc ser', [$method, $params, $id, $this->request->header('client_app')]); list($class, $function) = $this->parseMethodWithMap($method); // dump($class,$function);exit; diff --git a/src/Server/JsonRpcTool.php b/src/Server/JsonRpcTool.php index d85760a..a0eebeb 100644 --- a/src/Server/JsonRpcTool.php +++ b/src/Server/JsonRpcTool.php @@ -35,10 +35,10 @@ class JsonRpcTool $view = view(); $params = json_decode($request->input('params'), true); - + $method = $request->input('method'); if ($request->method() == Request::METHOD_POST) { - $method = $request->input('method'); + try { $result = app('rpc.'.$this->config['name'])->call($method, $params); @@ -47,7 +47,7 @@ class JsonRpcTool $view->share('error', ['code' => $exception->getCode(), 'message' => $exception->getMessage()]); } } - + $view->share('method',$method); $view->share('endpoint', $this->getEndpoint()); $view->share('methods', $this->getMethods()); $view->share('params', json_encode($params)); diff --git a/src/views/tool.blade.php b/src/views/tool.blade.php index d3e2826..5db66da 100644 --- a/src/views/tool.blade.php +++ b/src/views/tool.blade.php @@ -60,7 +60,7 @@