From 8b300036cddff94414966d4576e19bf979931a3c Mon Sep 17 00:00:00 2001
From: TsMask <340112800@qq.com>
Date: Sat, 26 Aug 2023 15:13:07 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B8=AD=E9=97=B4=E4=BB=B6=E7=BD=91=E5=85=B3?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E7=AD=96=E7=95=A5-IP=E9=99=90=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/midware/arrow_ip_addr.go | 71 ++++--------------------------------
 1 file changed, 7 insertions(+), 64 deletions(-)

diff --git a/lib/midware/arrow_ip_addr.go b/lib/midware/arrow_ip_addr.go
index 3302070c..042beb1b 100644
--- a/lib/midware/arrow_ip_addr.go
+++ b/lib/midware/arrow_ip_addr.go
@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
-	"strconv"
 	"strings"
 	"time"
 
@@ -30,20 +29,16 @@ func ArrowIPAddr(next http.Handler) http.Handler {
 			next.ServeHTTP(w, r)
 			return
 		}
-		startIP := data["start_IP"].(string)
-		endIP := data["end_IP"].(string)
+		ipRange := data["ipRange"].(string)
 		logintimeRange := data["logintime_range"].(string)
 
 		// 检查ip
-		okPer3 := parsePer3(ipAddr, startIP, endIP)
-		if !okPer3 {
-			services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制")
-			return
-		}
-		okLast4 := parseLast4(ipAddr, startIP, endIP)
-		if !okLast4 {
-			services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制")
-			return
+		ips := strings.Split(ipRange, "/")
+		for _, ip := range ips {
+			if ipAddr != ip {
+				services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制: "+ipAddr)
+				return
+			}
 		}
 
 		// 检查开放时间
@@ -70,55 +65,3 @@ func ArrowIPAddr(next http.Handler) http.Handler {
 		}
 	})
 }
-
-// 判断第四位网段 ?.?.?.x
-func parseLast4(ipAddr, startIP, endIP string) bool {
-	ipLastIdx := strings.LastIndex(ipAddr, ".")
-	ipLastStr := ipAddr[ipLastIdx+1:]
-	ipLastInt, err := strconv.Atoi(ipLastStr)
-	if err != nil {
-		ipLastInt = 0
-	}
-
-	startIPLastIdx := strings.LastIndex(startIP, ".")
-	startIPLastStr := ipAddr[startIPLastIdx+1:]
-	startIPLastInt, err := strconv.Atoi(startIPLastStr)
-	if err != nil {
-		startIPLastInt = 0
-	}
-
-	if ipLastInt >= startIPLastInt {
-		return true
-	}
-
-	endIPLastIdx := strings.LastIndex(endIP, ".")
-	endIPLastStr := ipAddr[endIPLastIdx+1:]
-	endIPLastInt, err := strconv.Atoi(endIPLastStr)
-	if err != nil {
-		endIPLastInt = 0
-	}
-
-	if ipLastInt >= endIPLastInt {
-		return true
-	}
-	return false
-}
-
-// 判断前三位网段 x.x.x.?
-func parsePer3(ipAddr, startIP, endIP string) bool {
-	ipPerIdx := strings.LastIndex(ipAddr, ".")
-	ipPerStr := ipAddr[:ipPerIdx]
-
-	startIPPerIdx := strings.LastIndex(startIP, ".")
-	startIPPerStr := startIP[:startIPPerIdx]
-	if ipPerStr == startIPPerStr {
-		return true
-	}
-
-	endIPPerIdx := strings.LastIndex(endIP, ".")
-	endIPPerStr := endIP[:endIPPerIdx]
-	if ipPerStr == endIPPerStr {
-		return true
-	}
-	return false
-}