概述
需求:当我们的请求在我们条件内的主机上时只允许balance.query和asset.list请求,其余主机不受限制
1、部署nginx以及添加lua模块
upstream algoapp {
server 192.168.1.91:8080;
}
server {
listen 80;
server_name abc.test;
location / {
if ($request_method = POST ) {
set $upstream '';
access_by_lua '
ngx.req.read_body()
local data = ngx.req.get_body_data()
local match = ngx.re.match(ngx.var.request_body, "balance.query|asset.list")
local addr = ngx.re.match(ngx.var.remote_addr, "172.16.3.11|172.16.3.20|192.168.1.27|192.168.1.60|172.16.9.2|192.168.1.159")
if addr then
if match then
ngx.var.upstream = "algoapp"
else
return 403
end
else
ngx.var.upstream = "algoapp"
end ' ;
proxy_pass http://$upstream;
}
#proxy_pass http://algoapp;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
测试:
1、在条件内的不同主机上执行balance.query请求
在主机192.168.1.159
[root@openvpn data]# ifconfig |grep "192.168.1.159"
inet 192.168.1.159 netmask 255.255.255.0 broadcast 192.168.1.255
[root@openvpn data]# curl -H "Content-Type: application/json" -X POST -d '{"method":"balance.query","id":1,"jsonrpc":"2.0","params":[634272,"AITD"]}' http://abc.test
{
"error": null,
"result": [
{
"asset": "AITD",
"available": "0",
"freeze": "0"
}
],
"id": 1
}
在非主机192.168.1.36
[root@build-serice jenkins]# ifconfig |grep "192.168.1.36"
inet 192.168.1.36 netmask 255.255.255.0 broadcast 192.168.1.255
[root@build-serice jenkins]# curl -H "Content-Type: application/json" -X POST -d '{"method":"balance.query","id":1,"jsonrpc":"2.0","params":[634272,"AITD"]}' http://abc.test
{
"error": null,
"result": [
{
"asset": "AITD",
"available": "0",
"freeze": "0"
}
],
"id": 1
}
显示都可以操作,此时符合需求
2、测试asset.list请求
在条件主机192.168.1.159
[root@openvpn data]# curl -X POST --data '{"jsonrpc":"2.0","method":"asset.list","params":[], "id":1}' -H 'Content-Type: application/json' http://match-reward.sgpexchange.test
{
"error": null,
"result": [
{
"name": "1INCH",
"prec": 8
},
{
"name": "ABC",
"prec": 8
},
{
"name": "ADA",
"prec": 8
},
{
"name": "AITD",
"prec": 8
},
{
"name": "ARC",
"prec": 8
},
{
"name": "BANK",
"prec": 8
},
{
"name": "BANK_AITD",
"prec": 8
},
{
"name": "BANK_BTC",
"prec": 8
},
{
"name": "BANK_ETH",
"prec": 8
},
{
"name": "BANK_TRX",
"prec": 8
},
{
"name": "BANK_USDT",
"prec": 8
},
{
"name": "BCH",
"prec": 8
},
{
"name": "BSV",
"prec": 8
},
{
"name": "BTC",
"prec": 8
},
{
"name": "CIDT",
"prec": 8
},
{
"name": "CRET",
"prec": 8
},
{
"name": "DASH",
"prec": 8
},
{
"name": "DOT",
"prec": 8
},
{
"name": "EOS",
"prec": 8
},
{
"name": "ETC",
"prec": 8
},
{
"name": "ETH",
"prec": 8
},
{
"name": "LC_1INCH",
"prec": 8
},
{
"name": "LC_ABC",
"prec": 8
},
{
"name": "LC_ADA",
"prec": 8
},
{
"name": "LC_AITD",
"prec": 8
},
{
"name": "LC_ARC",
"prec": 8
},
{
"name": "LC_BANK",
"prec": 8
},
{
"name": "LC_BANK_AITD",
"prec": 8
},
{
"name": "LC_BANK_BTC",
"prec": 8
},
{
"name": "LC_BANK_ETH",
"prec": 8
},
{
"name": "LC_BANK_TRX",
"prec": 8
},
{
"name": "LC_BANK_USDT",
"prec": 8
},
{
"name": "LC_BCH",
"prec": 8
},
{
"name": "LC_BSV",
"prec": 8
},
{
"name": "LC_BTC",
"prec": 8
},
{
"name": "LC_CIDT",
"prec": 8
},
{
"name": "LC_CRET",
"prec": 8
},
{
"name": "LC_DASH",
"prec": 8
},
{
"name": "LC_DOT",
"prec": 8
},
{
"name": "LC_EOS",
"prec": 8
},
{
"name": "LC_ETC",
"prec": 8
},
{
"name": "LC_ETH",
"prec": 8
},
{
"name": "LC_LINK",
"prec": 8
},
{
"name": "LC_LTC",
"prec": 8
},
{
"name": "LC_LUNA",
"prec": 8
},
{
"name": "LC_NEO",
"prec": 8
},
{
"name": "LC_TRX",
"prec": 8
},
{
"name": "LC_UNI",
"prec": 8
},
{
"name": "LC_USDT",
"prec": 8
},
{
"name": "LC_VET",
"prec": 8
},
{
"name": "LC_XMR",
"prec": 8
},
{
"name": "LC_XRP",
"prec": 8
},
{
"name": "LC_YOHO",
"prec": 8
},
{
"name": "LINK",
"prec": 8
},
{
"name": "LTC",
"prec": 8
},
{
"name": "LUNA",
"prec": 8
},
{
"name": "NEO",
"prec": 8
},
{
"name": "TRX",
"prec": 8
},
{
"name": "UNI",
"prec": 8
},
{
"name": "USDT",
"prec": 8
},
{
"name": "VET",
"prec": 8
},
{
"name": "XMR",
"prec": 8
},
{
"name": "XRP",
"prec": 8
},
{
"name": "YOHO",
"prec": 8
}
],
"id": 1
}
在非条件主机192.168.1.36
[root@build-serice jenkins]# curl -X POST --data '{"jsonrpc":"2.0","method":"asset.list","params":[], "id":1}' -H 'Content-Type: application/json' http://match-reward.sgpexchange.test
{
"error": null,
"result": [
{
"name": "1INCH",
"prec": 8
},
{
"name": "ABC",
"prec": 8
},
{
"name": "ADA",
"prec": 8
},
{
"name": "AITD",
"prec": 8
},
{
"name": "ARC",
"prec": 8
},
{
"name": "BANK",
"prec": 8
},
{
"name": "BANK_AITD",
"prec": 8
},
{
"name": "BANK_BTC",
"prec": 8
},
{
"name": "BANK_ETH",
"prec": 8
},
{
"name": "BANK_TRX",
"prec": 8
},
{
"name": "BANK_USDT",
"prec": 8
},
{
"name": "BCH",
"prec": 8
},
{
"name": "BSV",
"prec": 8
},
{
"name": "BTC",
"prec": 8
},
{
"name": "CIDT",
"prec": 8
},
{
"name": "CRET",
"prec": 8
},
{
"name": "DASH",
"prec": 8
},
{
"name": "DOT",
"prec": 8
},
{
"name": "EOS",
"prec": 8
},
{
"name": "ETC",
"prec": 8
},
{
"name": "ETH",
"prec": 8
},
{
"name": "LC_1INCH",
"prec": 8
},
{
"name": "LC_ABC",
"prec": 8
},
{
"name": "LC_ADA",
"prec": 8
},
{
"name": "LC_AITD",
"prec": 8
},
{
"name": "LC_ARC",
"prec": 8
},
{
"name": "LC_BANK",
"prec": 8
},
{
"name": "LC_BANK_AITD",
"prec": 8
},
{
"name": "LC_BANK_BTC",
"prec": 8
},
{
"name": "LC_BANK_ETH",
"prec": 8
},
{
"name": "LC_BANK_TRX",
"prec": 8
},
{
"name": "LC_BANK_USDT",
"prec": 8
},
{
"name": "LC_BCH",
"prec": 8
},
{
"name": "LC_BSV",
"prec": 8
},
{
"name": "LC_BTC",
"prec": 8
},
{
"name": "LC_CIDT",
"prec": 8
},
{
"name": "LC_CRET",
"prec": 8
},
{
"name": "LC_DASH",
"prec": 8
},
{
"name": "LC_DOT",
"prec": 8
},
{
"name": "LC_EOS",
"prec": 8
},
{
"name": "LC_ETC",
"prec": 8
},
{
"name": "LC_ETH",
"prec": 8
},
{
"name": "LC_LINK",
"prec": 8
},
{
"name": "LC_LTC",
"prec": 8
},
{
"name": "LC_LUNA",
"prec": 8
},
{
"name": "LC_NEO",
"prec": 8
},
{
"name": "LC_TRX",
"prec": 8
},
{
"name": "LC_UNI",
"prec": 8
},
{
"name": "LC_USDT",
"prec": 8
},
{
"name": "LC_VET",
"prec": 8
},
{
"name": "LC_XMR",
"prec": 8
},
{
"name": "LC_XRP",
"prec": 8
},
{
"name": "LC_YOHO",
"prec": 8
},
{
"name": "LINK",
"prec": 8
},
{
"name": "LTC",
"prec": 8
},
{
"name": "LUNA",
"prec": 8
},
{
"name": "NEO",
"prec": 8
},
{
"name": "TRX",
"prec": 8
},
{
"name": "UNI",
"prec": 8
},
{
"name": "USDT",
"prec": 8
},
{
"name": "VET",
"prec": 8
},
{
"name": "XMR",
"prec": 8
},
{
"name": "XRP",
"prec": 8
},
{
"name": "YOHO",
"prec": 8
}
],
"id": 1
}
此时测试也符合要求,在条件主机和非条件主机对应的两个接口都不受影响
3、测试非条件请求在条件主机上的测试
上面已经测试了条件请求在条件主机上能正常请求
非条件请求asset.summary在条件主机上的请求
在条件主机上:192.168.1.159
[root@openvpn data]#ifconfig |grep "192.168.1.159"
inet 192.168.1.159 netmask 255.255.255.0 broadcast 192.168.1.255
[root@openvpn data]# curl -H "Content-Type: application/json" -X POST -d '{"jsonrpc":"2.0","method":"asset.summary","params":["BTC","BCH"], "id":1}' http://match-reward.sgpexchange.test
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>500 Internal Server Error</title></head>
<body>
<center><h1>500 Internal Server Error</h1></center>
Sorry for the inconvenience.<br/>
Please report this message and include the following information to us.<br/>
Thank you very much!</p>
<table>
<tr>
<td>URL:</td>
<td>http://match-reward.sgpexchange.test/</td>
</tr>
<tr>
<td>Server:</td>
<td>dev-192-168-1-60</td>
</tr>
<tr>
<td>Date:</td>
<td>2022/11/25 17:19:18</td>
</tr>
</table>
<hr/>Powered by Tengine<hr><center>tengine</center>
</body>
</html>
非条件主机:192.168.1.36
同样的请求
[root@build-serice jenkins]# curl -H "Content-Type: application/json" -X POST -d '{"jsonrpc":"2.0","method":"asset.summary","params":["BTC","BCH"], "id":1}' http://abc.test
{
"error": null,
"result": [
{
"name": "BTC",
"total_balance": "113205.6303438",
"available_count": 29,
"available_balance": "113203.4504888",
"freeze_count": 1,
"freeze_balance": "2.179855"
},
{
"name": "BCH",
"total_balance": "0",
"available_count": 0,
"available_balance": "0",
"freeze_count": 0,
"freeze_balance": "0"
}
],
"id": 1
}
能正常请求
4、条件主机上的不同请求
条件主机:192.168.1.159
1)asset.summary请求不允许
[root@openvpn data]# curl -H "Content-Type: application/json" -X POST -d '{"jsonrpc":"2.0","method":"asset.summary","params":["BTC","BCH"], "id":1}' http://abc.test
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>500 Internal Server Error</title></head>
<body>
<center><h1>500 Internal Server Error</h1></center>
Sorry for the inconvenience.<br/>
Please report this message and include the following information to us.<br/>
Thank you very much!</p>
<table>
<tr>
<td>URL:</td>
<td>http://match-reward.sgpexchange.test/</td>
</tr>
<tr>
<td>Server:</td>
<td>dev-192-168-1-60</td>
</tr>
<tr>
<td>Date:</td>
<td>2022/11/25 17:19:18</td>
</tr>
</table>
<hr/>Powered by Tengine<hr><center>tengine</center>
</body>
</html>
2)balance.query请求允许
[root@openvpn data]# curl -H "Content-Type: application/json" -X POST -d '{"method":"balance.query","id":1,"jsonrpc":"2.0","params":[634272,"AITD"]}' http://abc.test
{
"error": null,
"result": [
{
"asset": "AITD",
"available": "0",
"freeze": "0"
}
],
"id": 1
}
3)asset.list请求允许
[root@openvpn data]#curl -X POST --data '{"jsonrpc":"2.0","method":"asset.list","params":[], "id":1}' -H 'Content-Type: application/json' http://abc.test
{
"error": null,
"result": [
{
"name": "1INCH",
"prec": 8
},
{
"name": "ABC",
"prec": 8
},
{
"name": "ADA",
"prec": 8
},
{
"name": "AITD",
"prec": 8
},
{
"name": "ARC",
"prec": 8
},
{
"name": "BANK",
"prec": 8
},
{
"name": "BANK_AITD",
"prec": 8
},
{
"name": "BANK_BTC",
"prec": 8
},
{
"name": "BANK_ETH",
"prec": 8
},
{
"name": "BANK_TRX",
"prec": 8
},
{
"name": "BANK_USDT",
"prec": 8
},
{
"name": "BCH",
"prec": 8
},
{
"name": "BSV",
"prec": 8
},
{
"name": "BTC",
"prec": 8
},
{
"name": "CIDT",
"prec": 8
},
{
"name": "CRET",
"prec": 8
},
{
"name": "DASH",
"prec": 8
},
{
"name": "DOT",
"prec": 8
},
{
"name": "EOS",
"prec": 8
},
{
"name": "ETC",
"prec": 8
},
{
"name": "ETH",
"prec": 8
},
{
"name": "LC_1INCH",
"prec": 8
},
{
"name": "LC_ABC",
"prec": 8
},
{
"name": "LC_ADA",
"prec": 8
},
{
"name": "LC_AITD",
"prec": 8
},
{
"name": "LC_ARC",
"prec": 8
},
{
"name": "LC_BANK",
"prec": 8
},
{
"name": "LC_BANK_AITD",
"prec": 8
},
{
"name": "LC_BANK_BTC",
"prec": 8
},
{
"name": "LC_BANK_ETH",
"prec": 8
},
{
"name": "LC_BANK_TRX",
"prec": 8
},
{
"name": "LC_BANK_USDT",
"prec": 8
},
{
"name": "LC_BCH",
"prec": 8
},
{
"name": "LC_BSV",
"prec": 8
},
{
"name": "LC_BTC",
"prec": 8
},
{
"name": "LC_CIDT",
"prec": 8
},
{
"name": "LC_CRET",
"prec": 8
},
{
"name": "LC_DASH",
"prec": 8
},
{
"name": "LC_DOT",
"prec": 8
},
{
"name": "LC_EOS",
"prec": 8
},
{
"name": "LC_ETC",
"prec": 8
},
{
"name": "LC_ETH",
"prec": 8
},
{
"name": "LC_LINK",
"prec": 8
},
{
"name": "LC_LTC",
"prec": 8
},
{
"name": "LC_LUNA",
"prec": 8
},
{
"name": "LC_NEO",
"prec": 8
},
{
"name": "LC_TRX",
"prec": 8
},
{
"name": "LC_UNI",
"prec": 8
},
{
"name": "LC_USDT",
"prec": 8
},
{
"name": "LC_VET",
"prec": 8
},
{
"name": "LC_XMR",
"prec": 8
},
{
"name": "LC_XRP",
"prec": 8
},
{
"name": "LC_YOHO",
"prec": 8
},
{
"name": "LINK",
"prec": 8
},
{
"name": "LTC",
"prec": 8
},
{
"name": "LUNA",
"prec": 8
},
{
"name": "NEO",
"prec": 8
},
{
"name": "TRX",
"prec": 8
},
{
"name": "UNI",
"prec": 8
},
{
"name": "USDT",
"prec": 8
},
{
"name": "VET",
"prec": 8
},
{
"name": "XMR",
"prec": 8
},
{
"name": "XRP",
"prec": 8
},
{
"name": "YOHO",
"prec": 8
}
],
"id": 1
}
最后
以上就是粗暴指甲油为你收集整理的nginx使用lua通过request_body按条件开放访问权限的全部内容,希望文章能够帮你解决nginx使用lua通过request_body按条件开放访问权限所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复