diff --git a/backend/app/services/active_ip.py b/backend/app/services/active_ip.py index 1724f6e..b5d8258 100644 --- a/backend/app/services/active_ip.py +++ b/backend/app/services/active_ip.py @@ -43,23 +43,17 @@ def get_client_ip(request: Request) -> str: 仅在配置 trust_x_forwarded_for=True 时信任 1+2,否则只用 3。 """ - import sys - xff_raw = request.headers.get("x-forwarded-for") - xri_raw = request.headers.get("x-real-ip") - client_host = request.client.host if request.client else None - print(f"[GET_CLIENT_IP] xff={xff_raw!r} xri={xri_raw!r} client_host={client_host!r} trust={settings.trust_x_forwarded_for}", file=sys.stderr, flush=True) if settings.trust_x_forwarded_for: - xff = xff_raw + xff = request.headers.get("x-forwarded-for") if xff: ip = xff.split(",")[0].strip() if ip: - print(f"[GET_CLIENT_IP] -> use xff split[0] = {ip!r}", file=sys.stderr, flush=True) return ip - xri = xri_raw + xri = request.headers.get("x-real-ip") if xri: return xri.strip() - if client_host: - return client_host + if request.client and request.client.host: + return request.client.host return "unknown" @@ -84,8 +78,6 @@ async def check_or_register_login_ip(ip: str) -> None: r = get_redis() now = int(time.time()) limit = settings.site_max_active_ips - import sys - print(f"[CHECK] ip={ip!r} limit={limit}", file=sys.stderr, flush=True) # 看 IP 是否已在 set existing = await r.zscore(REDIS_KEY, ip) @@ -166,13 +158,7 @@ async def touch_ip_dependency(request: Request) -> None: 不会失败(吞掉异常),避免 Redis 抖动影响正常请求。 """ try: - import sys ip = get_client_ip(request) - # 临时诊断:看实际 IP 提取 - xff = request.headers.get("x-forwarded-for") - xri = request.headers.get("x-real-ip") - client_host = request.client.host if request.client else None - print(f"[TOUCH_DEP] ip={ip!r} xff={xff!r} xri={xri!r} client_host={client_host!r}", file=sys.stderr, flush=True) await touch_active_ip(ip) except Exception as e: # noqa: BLE001 logger.debug("touch_active_ip failed (ignored): %s", e)