首页 发现 帮助
注册 登录
ushio
/
video_system
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: a85cb06637
分支列表 标签列表
video_system
/
app
/
Http
/
Middleware
/
AccessKeyMiddleware.php

AccessKeyMiddleware.php 1.5 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Middleware;
    4. 

  4. 

  5. use Closure;
    6. 

  6. use Illuminate\Http\Request;
    7. 

  7. use Illuminate\Support\Facades\Config;
    8. 

  8. 

  9. class AccessKeyMiddleware
    10. 

  10. {
    11. 

  11.     public function handle(Request $request, Closure $next)
    12. 

  12.     {
    13. 

  13.         $clientIp = $request->header('X-Forwarded-For');
    14. 

  14.         if (!$clientIp) {
    15. 

  15.             $clientIp = $request->ip();
    16. 

  16.         }
    17. 

  17.         $accessKeyInHeader = $request->header('accesskey');
    18. 

  18.         $accessKeyInEnv = env('VALID_ACCESS_KEY');
    19. 

  19.         $internalIpRanges = [
    20. 

  20.             '10.0.0.0/8',
    21. 

  21.             '172.16.0.0/12',
    22. 

  22.             '192.168.0.0/16'
    23. 

  23.         ];
    24. 

  24.         $isInternalIp = false;
    25. 

  25.         foreach ($internalIpRanges as $range) {
    26. 

  26.             if (strpos($range, '/')!== false) {
    27. 

  27.                 list($subnet, $bits) = explode('/', $range);
    28. 

  28.                 $ipLong = ip2long($clientIp);
    29. 

  29.                 $subnetLong = ip2long($subnet);
    30. 

  30.                 $mask = -1 << (32 - $bits);
    31. 

  31.                 if (($ipLong & $mask) === ($subnetLong & $mask)) {
    32. 

  32.                     $isInternalIp = true;
    33. 

  33.                     break;
    34. 

  34.                 }
    35. 

  35.             } elseif ($clientIp === $range) {
    36. 

  36.                 $isInternalIp = true;
    37. 

  37.                 break;
    38. 

  38.             }
    39. 

  39.         }
    40. 

  40. 

  41.         if ($accessKeyInHeader == $accessKeyInEnv && !empty($accessKeyInHeader)) {
    42. 

  42.             return $next($request);
    43. 

  43.         } else if($isInternalIp) {
    44. 

  44.             return $next($request);
    45. 

  45.         } else  {
    46. 

  46.             return response()->json(['message' => 'Access denied'], 403);
    47. 

  47.         }
    48. 

  48.     }
    49. 

  49. 

  50. 

  51. }
    52.