ruby-on-rails-3 - 如何通过 IP 地址限制对所有设备 Controller 的访问？

Question

如何通过 IP 地址限制对所有设备 Controller 的访问？我试图只允许来自特定 IP 地址的用户查看管理界面/页面。

我找到了这种方法。这是在之前的过滤器中包含一个 restrict_access 方法。但是，如果我必须在我当前使用的所有 Devise Controller 上复制此方法，则有点重复。

有没有更好的方法？

class Admin::SessionsController < Devise::SessionsController

  before_filter :restrict_access

  # Needed to restrict access to a set of IP's only. We don't want random users trying to access the admin interface
    def restrict_access
      if Rails.env == 'development' or Rails.env == 'test'
        whitelist = ['59.120.201.20', '59.120.201.21'].freeze
      else
        whitelist = ['59.120.201.20', '59.120.201.21'].freeze
      end

      unless whitelist.include? request.remote_ip
        redirect_to root_path, :notice => 'Access denied!'
      end
    end
...

Answer 1

像下面这样构建一个类并将其放在 RAILS_ROOT/lib/blacklist_constraint.rb 中。

class BlacklistConstraint
  def initialize
    if Rails.env == 'development' or Rails.env == 'test'
      @whitelist = ['59.120.201.20', '59.120.201.21'].freeze
    else
      @whitelist = ['59.120.201.20', '59.120.201.21'].freeze
    end
  end

  def matches?(request)
    !@whitelist.include?(request.remote_ip)
  end
end

...并在您的 routes.rb 文件中...

match "*", :constraints => BlacklistConstraint.new, :controller => "blacklist", :action => "my_access_denied_action"

您可能需要在初始化程序中加载类，或修改 config/application.rb 中的 config.autoload_paths += %W(#{Rails.root}/lib) (Rails3.x).