中间件网关登录策略-IP限制
This commit is contained in:
TsMask
@@ -4,7 +4,6 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
@@ -30,20 +29,16 @@ func ArrowIPAddr(next http.Handler) http.Handler {
|
||||
next.ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
startIP := data["start_IP"].(string)
|
||||
endIP := data["end_IP"].(string)
|
||||
ipRange := data["ipRange"].(string)
|
||||
logintimeRange := data["logintime_range"].(string)
|
||||
|
||||
// 检查ip
|
||||
okPer3 := parsePer3(ipAddr, startIP, endIP)
|
||||
if !okPer3 {
|
||||
services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制")
|
||||
return
|
||||
}
|
||||
okLast4 := parseLast4(ipAddr, startIP, endIP)
|
||||
if !okLast4 {
|
||||
services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制")
|
||||
return
|
||||
ips := strings.Split(ipRange, "/")
|
||||
for _, ip := range ips {
|
||||
if ipAddr != ip {
|
||||
services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制: "+ipAddr)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
// 检查开放时间
|
||||
@@ -70,55 +65,3 @@ func ArrowIPAddr(next http.Handler) http.Handler {
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
// 判断第四位网段 ?.?.?.x
|
||||
func parseLast4(ipAddr, startIP, endIP string) bool {
|
||||
ipLastIdx := strings.LastIndex(ipAddr, ".")
|
||||
ipLastStr := ipAddr[ipLastIdx+1:]
|
||||
ipLastInt, err := strconv.Atoi(ipLastStr)
|
||||
if err != nil {
|
||||
ipLastInt = 0
|
||||
}
|
||||
|
||||
startIPLastIdx := strings.LastIndex(startIP, ".")
|
||||
startIPLastStr := ipAddr[startIPLastIdx+1:]
|
||||
startIPLastInt, err := strconv.Atoi(startIPLastStr)
|
||||
if err != nil {
|
||||
startIPLastInt = 0
|
||||
}
|
||||
|
||||
if ipLastInt >= startIPLastInt {
|
||||
return true
|
||||
}
|
||||
|
||||
endIPLastIdx := strings.LastIndex(endIP, ".")
|
||||
endIPLastStr := ipAddr[endIPLastIdx+1:]
|
||||
endIPLastInt, err := strconv.Atoi(endIPLastStr)
|
||||
if err != nil {
|
||||
endIPLastInt = 0
|
||||
}
|
||||
|
||||
if ipLastInt >= endIPLastInt {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// 判断前三位网段 x.x.x.?
|
||||
func parsePer3(ipAddr, startIP, endIP string) bool {
|
||||
ipPerIdx := strings.LastIndex(ipAddr, ".")
|
||||
ipPerStr := ipAddr[:ipPerIdx]
|
||||
|
||||
startIPPerIdx := strings.LastIndex(startIP, ".")
|
||||
startIPPerStr := startIP[:startIPPerIdx]
|
||||
if ipPerStr == startIPPerStr {
|
||||
return true
|
||||
}
|
||||
|
||||
endIPPerIdx := strings.LastIndex(endIP, ".")
|
||||
endIPPerStr := endIP[:endIPPerIdx]
|
||||
if ipPerStr == endIPPerStr {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user