feat: log X-Real-IP header (#631)

* feat: log X-Real-IP header * fix: log first X-Forwarded-For client * refactor: add GetRealIP function * fix: RemoteAddr * feat: display the X-Real-IP and X-Forwarded-For --------- Co-authored-by: jeessy2 <6205259+jeessy2@users.noreply.github.com>
2025-10-20 15:33:46 +08:00 · 2023-03-24 23:29:08 +08:00
parent d4bb61e346
commit 9f7ee01451
3 changed files with 29 additions and 5 deletions
--- a/web/basic_auth.go
+++ b/web/basic_auth.go
@ -30,7 +30,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		if err != nil && time.Now().Unix()-startTime > 2*24*60*60 &&
 			(!util.IsPrivateNetwork(r.RemoteAddr) || !util.IsPrivateNetwork(r.Host)) {
 			w.WriteHeader(http.StatusForbidden)
-			log.Printf("配置文件为空, 超过2天禁止从公网访问。RemoteAddr: %s\n", r.RemoteAddr)
+			log.Printf("%q 配置文件为空, 超过2天禁止从公网访问。\n", util.GetRequestIPStr(r))
 			return
 		}

@ -38,7 +38,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		if conf.NotAllowWanAccess {
 			if !util.IsPrivateNetwork(r.RemoteAddr) || !util.IsPrivateNetwork(r.Host) {
 				w.WriteHeader(http.StatusForbidden)
-				log.Printf("%s 被禁止从公网访问\n", r.RemoteAddr)
+				log.Printf("%q 禁止从公网访问!\n", util.GetRequestIPStr(r))
 				return
 			}
 		}
@ -51,7 +51,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		}

 		if ld.FailTimes >= 5 {
-			log.Printf("%s 登陆失败超过5次! 并延时5分钟响应\n", r.RemoteAddr)
+			log.Printf("%q 登陆失败超过5次! 并延时5分钟响应!\n", util.GetRequestIPStr(r))
 			time.Sleep(5 * time.Minute)
 			if ld.FailTimes >= 5 {
 				ld.FailTimes = 0
@ -84,7 +84,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 			}

 			ld.FailTimes = ld.FailTimes + 1
-			log.Printf("%s 登陆失败!\n", r.RemoteAddr)
+			log.Printf("%q 登陆失败!\n", util.GetRequestIPStr(r))
 		}

 		// 认证失败，提示 401 Unauthorized
@ -92,6 +92,6 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
 		// 401 状态码
 		w.WriteHeader(http.StatusUnauthorized)
-		log.Printf("%s 请求登陆!\n", r.RemoteAddr)
+		log.Printf("%q 请求登陆!\n", util.GetRequestIPStr(r))
 	}
 }