从Rails API GET请求收集客户端域
[英]Gather Client Domain from Rails API GET Request
问题描述
What is the easiest way to capture the domain of a client request on a Rails API? 
在Rails API上捕获客户端请求的域的最简单方法是什么?
Example: 例:
If I use https://www.hurl.it/ to post a GET request to: 如果我使用https://www.hurl.it/将GET请求发布到:
https://staging.mysite.com/api/v1/products?access_token=7b9f3cddd3914a6f45fa692997fe6dc9 https://staging.mysite.com/api/v1/products?access_token=7b9f3cddd3914a6f45fa692997fe6dc9
How do I capture that the request is coming from hurl.it? 如何捕获请求来自hurl.it? I've tried: 我试过了:
- request.host request.host
- request.url request.url
- request.referer request.referer
- request.headers['origin'] request.headers [ '原点']
I need this since I check the access token and that the request is coming from the domain that the access token is registered with. 我需要这个,因为我检查了访问令牌,并且请求来自注册了访问令牌的域。
API Controller: API控制器:
module Api
module V1
class ApiController < ApplicationController
respond_to :json
before_filter :restrict_access
private
def restrict_access
api_app = ApiApp.find_by_access_token(params[:access_token])
binding.pry
head :unauthorized unless (api_app && (api_app.request_origin.include? request.host.split('?').first))
end
end
end
end
Rails version: 4.2 Rails版本:4.2
Thanks for the help! 谢谢您的帮助!
1 个解决方案
解决方案1
0 2015-06-16 20:20:19
我最终坚持使用IP地址:
head :unauthorized unless (api_app && (api_app.request_origin == request.env["HTTP_X_REAL_IP"] ||= request.env["REMOTE_ADDR"]))
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.