自动将API节点的IP加入到白名单，防止误封

2025-11-25 08:20:26 +08:00 · 2021-12-06 10:09:37 +08:00
parent 03a4463fff
commit 4f129fa49f
3 changed files with 66 additions and 2 deletions
--- a/internal/db/models/api_node_dao.go
+++ b/internal/db/models/api_node_dao.go
@@ -8,9 +8,11 @@ import (
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/rands"
 	"github.com/iwind/TeaGo/types"
+	"net"
 	"strconv"
 	"strings"
 )
@@ -321,3 +323,51 @@ func (this *APINodeDAO) CountAllEnabledAPINodesWithSSLPolicyIds(tx *dbs.Tx, sslP
 		Param("policyIds", strings.Join(policyStringIds, ",")).
 		Count()
 }
+
+// FindAllEnabledAPIAccessIPs 获取所有的API可访问IP地址
+func (this *APINodeDAO) FindAllEnabledAPIAccessIPs(tx *dbs.Tx, cacheMap *utils.CacheMap) ([]string, error) {
+	var cacheKey = this.Table + ":FindAllEnabledAPIAccessIPs"
+	if cacheMap != nil {
+		cache, ok := cacheMap.Get(cacheKey)
+		if ok {
+			return cache.([]string), nil
+		}
+	}
+
+	ones, _, err := this.Query(tx).
+		State(APINodeStateEnabled).
+		Result("JSON_EXTRACT(accessAddrs, '$[*].host') AS host").
+		FindOnes()
+	if err != nil {
+		return nil, err
+	}
+	var result = []string{}
+	for _, one := range ones {
+		var host = one.GetString("host")
+		if len(host) == 0 {
+			continue
+		}
+
+		var ips = []string{}
+		err = json.Unmarshal([]byte(host), &ips)
+		if err != nil {
+			continue
+		}
+
+		for _, ip := range ips {
+			if !lists.ContainsString(result, ip) {
+				if net.ParseIP(ip) == nil {
+					continue
+				}
+
+				result = append(result, ip)
+			}
+		}
+	}
+
+	if cacheMap != nil {
+		cacheMap.Put(cacheKey, result)
+	}
+
+	return result, nil
+}