mirror of
https://github.com/ZLMediaKit/ZLMediaKit.git
synced 2024-11-29 22:55:52 +08:00
ip白名单机制只对需要secret校验的http api生效
This commit is contained in:
parent
22e3872cd4
commit
e81efec96e
@ -238,11 +238,6 @@ static inline void addHttpListener(){
|
|||||||
//该api已被消费
|
//该api已被消费
|
||||||
consumed = true;
|
consumed = true;
|
||||||
|
|
||||||
if (!HttpFileManager::isIPAllowed(sender.get_peer_ip())) {
|
|
||||||
invoker(403, HttpSession::KeyValue(), "Your ip is not allowed to access the service.");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(api_debug){
|
if(api_debug){
|
||||||
auto newInvoker = [invoker, parser](int code, const HttpSession::KeyValue &headerOut, const HttpBody::Ptr &body) {
|
auto newInvoker = [invoker, parser](int code, const HttpSession::KeyValue &headerOut, const HttpBody::Ptr &body) {
|
||||||
//body默认为空
|
//body默认为空
|
||||||
@ -593,7 +588,8 @@ void installWebApi() {
|
|||||||
|
|
||||||
//获取线程负载
|
//获取线程负载
|
||||||
//测试url http://127.0.0.1/index/api/getThreadsLoad
|
//测试url http://127.0.0.1/index/api/getThreadsLoad
|
||||||
api_regist("/index/api/getThreadsLoad",[](API_ARGS_MAP_ASYNC){
|
api_regist("/index/api/getThreadsLoad", [](API_ARGS_MAP_ASYNC) {
|
||||||
|
CHECK_SECRET();
|
||||||
EventPollerPool::Instance().getExecutorDelay([invoker, headerOut](const vector<int> &vecDelay) {
|
EventPollerPool::Instance().getExecutorDelay([invoker, headerOut](const vector<int> &vecDelay) {
|
||||||
Value val;
|
Value val;
|
||||||
auto vec = EventPollerPool::Instance().getExecutorLoad();
|
auto vec = EventPollerPool::Instance().getExecutorLoad();
|
||||||
@ -611,7 +607,8 @@ void installWebApi() {
|
|||||||
|
|
||||||
//获取后台工作线程负载
|
//获取后台工作线程负载
|
||||||
//测试url http://127.0.0.1/index/api/getWorkThreadsLoad
|
//测试url http://127.0.0.1/index/api/getWorkThreadsLoad
|
||||||
api_regist("/index/api/getWorkThreadsLoad", [](API_ARGS_MAP_ASYNC){
|
api_regist("/index/api/getWorkThreadsLoad", [](API_ARGS_MAP_ASYNC) {
|
||||||
|
CHECK_SECRET();
|
||||||
WorkThreadPool::Instance().getExecutorDelay([invoker, headerOut](const vector<int> &vecDelay) {
|
WorkThreadPool::Instance().getExecutorDelay([invoker, headerOut](const vector<int> &vecDelay) {
|
||||||
Value val;
|
Value val;
|
||||||
auto vec = WorkThreadPool::Instance().getExecutorLoad();
|
auto vec = WorkThreadPool::Instance().getExecutorLoad();
|
||||||
|
@ -221,14 +221,21 @@ bool checkArgs(Args &args, const First &first, const KeyTypes &...keys) {
|
|||||||
throw InvalidArgsException("缺少必要参数:" #__VA_ARGS__); \
|
throw InvalidArgsException("缺少必要参数:" #__VA_ARGS__); \
|
||||||
}
|
}
|
||||||
|
|
||||||
//检查http参数中是否附带secret密钥的宏,127.0.0.1的ip不检查密钥
|
// 检查http参数中是否附带secret密钥的宏,127.0.0.1的ip不检查密钥
|
||||||
|
// 同时检测是否在ip白名单内
|
||||||
#define CHECK_SECRET() \
|
#define CHECK_SECRET() \
|
||||||
if(sender.get_peer_ip() != "127.0.0.1"){ \
|
do { \
|
||||||
CHECK_ARGS("secret"); \
|
auto ip = sender.get_peer_ip(); \
|
||||||
if(api_secret != allArgs["secret"]){ \
|
if (!HttpFileManager::isIPAllowed(ip)) { \
|
||||||
throw AuthException("secret错误"); \
|
throw AuthException("Your ip is not allowed to access the service."); \
|
||||||
} \
|
} \
|
||||||
}
|
if (ip != "127.0.0.1") { \
|
||||||
|
CHECK_ARGS("secret"); \
|
||||||
|
if (api_secret != allArgs["secret"]) { \
|
||||||
|
throw AuthException("secret错误"); \
|
||||||
|
} \
|
||||||
|
} \
|
||||||
|
} while(false);
|
||||||
|
|
||||||
void installWebApi();
|
void installWebApi();
|
||||||
void unInstallWebApi();
|
void unInstallWebApi();
|
||||||
|
Loading…
Reference in New Issue
Block a user