Ограничить доступ к определенному controllerу по IP-адресу в бета-версии ASP.NET MVC

У меня есть проект ASP.NET MVC, содержащий class AdminController и предоставляющий мне такие URls:

http://example.com/admin/AddCustomer

http://examle.com/Admin/ListCustomers

Я хочу настроить сервер / приложение так, чтобы URI, содержащие / Admin, были доступны только из сети 192.168.0.0/24 (т.е. нашей локальной сети)

Я бы хотел, чтобы этот controller был доступен только с определенных IP-адресов.

В WebForms / admin / была физической папкой, которую я мог бы ограничить в IIS … но с MVC, конечно, нет физической папки. Возможно ли это с помощью web.config или атрибутов, или мне нужно перехватить HTTP-запрос для этого?

Я знаю, что это старый вопрос, но мне нужно было иметь эту функциональность сегодня, поэтому я внедрил ее и подумал о размещении ее здесь.

Использование classа IPList отсюда ( http://www.codeproject.com/KB/IP/ipnumbers.aspx )

Атрибут фильтра FilterIPAttribute.cs:

using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Http; using System.Security.Principal; using System.Configuration; namespace Miscellaneous.Attributes.Controller { ///  /// Filter by IP address ///  public class FilterIPAttribute : AuthorizeAttribute { #region Allowed ///  /// Comma seperated string of allowable IPs. Example "10.2.5.41,192.168.0.22" ///  ///  public string AllowedSingleIPs { get; set; } ///  /// Comma seperated string of allowable IPs with masks. Example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" ///  /// The masked I ps. public string AllowedMaskedIPs { get; set; } ///  /// Gets or sets the configuration key for allowed single IPs ///  /// The configuration key single I ps. public string ConfigurationKeyAllowedSingleIPs { get; set; } ///  /// Gets or sets the configuration key allowed mmasked IPs ///  /// The configuration key masked I ps. public string ConfigurationKeyAllowedMaskedIPs { get; set; } ///  /// List of allowed IPs ///  IPList allowedIPListToCheck = new IPList(); #endregion #region Denied ///  /// Comma seperated string of denied IPs. Example "10.2.5.41,192.168.0.22" ///  ///  public string DeniedSingleIPs { get; set; } ///  /// Comma seperated string of denied IPs with masks. Example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" ///  /// The masked I ps. public string DeniedMaskedIPs { get; set; } ///  /// Gets or sets the configuration key for denied single IPs ///  /// The configuration key single I ps. public string ConfigurationKeyDeniedSingleIPs { get; set; } ///  /// Gets or sets the configuration key for denied masked IPs ///  /// The configuration key masked I ps. public string ConfigurationKeyDeniedMaskedIPs { get; set; } ///  /// List of denied IPs ///  IPList deniedIPListToCheck = new IPList(); #endregion ///  /// Determines whether access to the core framework is authorized. ///  /// The HTTP context, which encapsulates all HTTP-specific information about an individual HTTP request. ///  /// true if access is authorized; otherwise, false. ///  /// The  parameter is null. protected override bool IsAuthorized(HttpActionContext actionContext) { if (actionContext == null) throw new ArgumentNullException("actionContext"); string userIpAddress = ((HttpContextWrapper)actionContext.Request.Properties["MS_HttpContext"]).Request.UserHostName; try { // Check that the IP is allowed to access bool ipAllowed = CheckAllowedIPs(userIpAddress); // Check that the IP is not denied to access bool ipDenied = CheckDeniedIPs(userIpAddress); // Only allowed if allowed and not denied bool finallyAllowed = ipAllowed && !ipDenied; return finallyAllowed; } catch (Exception e) { // Log the exception, probably something wrong with the configuration } return true; // if there was an exception, then we return true } ///  /// Checks the allowed IPs. ///  /// The user ip address. ///  private bool CheckAllowedIPs(string userIpAddress) { // Populate the IPList with the Single IPs if (!string.IsNullOrEmpty(AllowedSingleIPs)) { SplitAndAddSingleIPs(AllowedSingleIPs, allowedIPListToCheck); } // Populate the IPList with the Masked IPs if (!string.IsNullOrEmpty(AllowedMaskedIPs)) { SplitAndAddMaskedIPs(AllowedMaskedIPs, allowedIPListToCheck); } // Check if there are more settings from the configuration (Web.config) if (!string.IsNullOrEmpty(ConfigurationKeyAllowedSingleIPs)) { string configurationAllowedAdminSingleIPs = ConfigurationManager.AppSettings[ConfigurationKeyAllowedSingleIPs]; if (!string.IsNullOrEmpty(configurationAllowedAdminSingleIPs)) { SplitAndAddSingleIPs(configurationAllowedAdminSingleIPs, allowedIPListToCheck); } } if (!string.IsNullOrEmpty(ConfigurationKeyAllowedMaskedIPs)) { string configurationAllowedAdminMaskedIPs = ConfigurationManager.AppSettings[ConfigurationKeyAllowedMaskedIPs]; if (!string.IsNullOrEmpty(configurationAllowedAdminMaskedIPs)) { SplitAndAddMaskedIPs(configurationAllowedAdminMaskedIPs, allowedIPListToCheck); } } return allowedIPListToCheck.CheckNumber(userIpAddress); } ///  /// Checks the denied IPs. ///  /// The user ip address. ///  private bool CheckDeniedIPs(string userIpAddress) { // Populate the IPList with the Single IPs if (!string.IsNullOrEmpty(DeniedSingleIPs)) { SplitAndAddSingleIPs(DeniedSingleIPs, deniedIPListToCheck); } // Populate the IPList with the Masked IPs if (!string.IsNullOrEmpty(DeniedMaskedIPs)) { SplitAndAddMaskedIPs(DeniedMaskedIPs, deniedIPListToCheck); } // Check if there are more settings from the configuration (Web.config) if (!string.IsNullOrEmpty(ConfigurationKeyDeniedSingleIPs)) { string configurationDeniedAdminSingleIPs = ConfigurationManager.AppSettings[ConfigurationKeyDeniedSingleIPs]; if (!string.IsNullOrEmpty(configurationDeniedAdminSingleIPs)) { SplitAndAddSingleIPs(configurationDeniedAdminSingleIPs, deniedIPListToCheck); } } if (!string.IsNullOrEmpty(ConfigurationKeyDeniedMaskedIPs)) { string configurationDeniedAdminMaskedIPs = ConfigurationManager.AppSettings[ConfigurationKeyDeniedMaskedIPs]; if (!string.IsNullOrEmpty(configurationDeniedAdminMaskedIPs)) { SplitAndAddMaskedIPs(configurationDeniedAdminMaskedIPs, deniedIPListToCheck); } } return deniedIPListToCheck.CheckNumber(userIpAddress); } ///  /// Splits the incoming ip string of the format "IP,IP" example "10.2.0.0,10.3.0.0" and adds the result to the IPList ///  /// The ips. /// The list. private void SplitAndAddSingleIPs(string ips,IPList list) { var splitSingleIPs = ips.Split(','); foreach (string ip in splitSingleIPs) list.Add(ip); } ///  /// Splits the incoming ip string of the format "IP;MASK,IP;MASK" example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" and adds the result to the IPList ///  /// The ips. /// The list. private void SplitAndAddMaskedIPs(string ips, IPList list) { var splitMaskedIPs = ips.Split(','); foreach (string maskedIp in splitMaskedIPs) { var ipAndMask = maskedIp.Split(';'); list.Add(ipAndMask[0], ipAndMask[1]); // IP;MASK } } public override void OnAuthorization(AuthorizationContext filterContext) { base.OnAuthorization(filterContext); } } } 

Пример использования:

1. Прямое указание IP-адресов в коде

  [FilterIP( AllowedSingleIPs="10.2.5.55,192.168.2.2", AllowedMaskedIPs="10.2.0.0;255.255.0.0,192.168.2.0;255.255.255.0" )] public class HomeController { // Some code here } 

2. Или, загрузив конфигурацию из Web.config

  [FilterIP( ConfigurationKeyAllowedSingleIPs="AllowedAdminSingleIPs", ConfigurationKeyAllowedMaskedIPs="AllowedAdminMaskedIPs", ConfigurationKeyDeniedSingleIPs="DeniedAdminSingleIPs", ConfigurationKeyDeniedMaskedIPs="DeniedAdminMaskedIPs" )] public class HomeController { // Some code here }             

У вас должен быть доступ к UserHostAddress в объекте Request на вашем controllerе, чтобы сделать ограничение. Я бы предположил, что вы можете расширить AuthorizeAttribute и добавить к нему свои ограничения на IP адрес, чтобы вы могли просто украсить любые методы или controllerы, которым нужна эта защита.

Мне понадобилось решение этой проблемы в MVC4, которая могла бы обрабатывать диапазоны IPv6 и IP. Кроме того, мне нужно было использовать белые и черные списки для авторизации, но также использовать обычный процесс авторизации, когда IP-адрес не был.

Это решение, к которому я пришел после многого из @sabbour и @Richard Szalay ( как проверить входное IP-падение в определенном диапазоне IP-адресов ), поэтому я отправляю его здесь для тех, кому он может помочь.

 public class MagniAuthorizeAttribute : FilterAttribute, IAuthorizationFilter { #region Allowed public bool IsPublic { get; set; } ///  /// Comma seperated string of allowable IPs. Example "10.2.5.41,192.168.0.22" ///  ///  public string AllowedSingleIPs { get; set; } ///  /// Comma seperated string of allowable IPs with masks. Example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" ///  /// The masked I ps. public string AllowedIPRanges { get; set; } ///  /// Gets or sets the configuration key for allowed single IPs ///  /// The configuration key single I ps. public string ConfigurationKeyAllowedSingleIPs { get; set; } ///  /// Gets or sets the configuration key allowed mmasked IPs ///  /// The configuration key masked I ps. public string ConfigurationKeyAllowedMaskedIPs { get; set; } #endregion #region Denied ///  /// Comma seperated string of denied IPs. Example "10.2.5.41,192.168.0.22" ///  ///  public string DeniedSingleIPs { get; set; } ///  /// Comma seperated string of denied IPs with masks. Example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" ///  /// The masked I ps. public string DeniedIPRanges { get; set; } ///  /// Gets or sets the configuration key for denied single IPs ///  /// The configuration key single I ps. public string ConfigurationKeyDeniedSingleIPs { get; set; } ///  /// Gets or sets the configuration key for denied masked IPs ///  /// The configuration key masked I ps. public string ConfigurationKeyDeniedMaskedIPs { get; set; } #endregion ///  /// Checks the allowed IPs. ///  /// The user ip address. ///  private bool CheckAllowedIPs(IPAddress userIpAddress) { List allowedIPsToCheck = new List(); List allowedIPRangesToCheck = new List(); // Populate the IPList with the Single IPs if (!string.IsNullOrEmpty(AllowedSingleIPs)) { SplitAndAddSingleIPs(AllowedSingleIPs, allowedIPsToCheck); } // Populate the IPList with the Masked IPs if (!string.IsNullOrEmpty(AllowedIPRanges)) { SplitAndAddIPRanges(AllowedIPRanges, allowedIPRangesToCheck); } // Check if there are more settings from the configuration (Web.config) if (!string.IsNullOrEmpty(ConfigurationKeyAllowedSingleIPs)) { string configurationAllowedAdminSingleIPs = ConfigurationManager.AppSettings[ConfigurationKeyAllowedSingleIPs]; if (!string.IsNullOrEmpty(configurationAllowedAdminSingleIPs)) { SplitAndAddSingleIPs(configurationAllowedAdminSingleIPs, allowedIPsToCheck); } } if (!string.IsNullOrEmpty(ConfigurationKeyAllowedMaskedIPs)) { string configurationAllowedAdminMaskedIPs = ConfigurationManager.AppSettings[ConfigurationKeyAllowedMaskedIPs]; if (!string.IsNullOrEmpty(configurationAllowedAdminMaskedIPs)) { SplitAndAddIPRanges(configurationAllowedAdminMaskedIPs, allowedIPRangesToCheck); } } return allowedIPsToCheck.Any(a => a.Equals(userIpAddress)) || allowedIPRangesToCheck.Any(a => a.IsInRange(userIpAddress)); } ///  /// Checks the denied IPs. ///  /// The user ip address. ///  private bool CheckDeniedIPs(IPAddress userIpAddress) { List deniedIPsToCheck = new List(); List deniedIPRangesToCheck = new List(); // Populate the IPList with the Single IPs if (!string.IsNullOrEmpty(DeniedSingleIPs)) { SplitAndAddSingleIPs(DeniedSingleIPs, deniedIPsToCheck); } // Populate the IPList with the Masked IPs if (!string.IsNullOrEmpty(DeniedIPRanges)) { SplitAndAddIPRanges(DeniedIPRanges, deniedIPRangesToCheck); } // Check if there are more settings from the configuration (Web.config) if (!string.IsNullOrEmpty(ConfigurationKeyDeniedSingleIPs)) { string configurationDeniedAdminSingleIPs = ConfigurationManager.AppSettings[ConfigurationKeyDeniedSingleIPs]; if (!string.IsNullOrEmpty(configurationDeniedAdminSingleIPs)) { SplitAndAddSingleIPs(configurationDeniedAdminSingleIPs, deniedIPsToCheck); } } if (!string.IsNullOrEmpty(ConfigurationKeyDeniedMaskedIPs)) { string configurationDeniedAdminMaskedIPs = ConfigurationManager.AppSettings[ConfigurationKeyDeniedMaskedIPs]; if (!string.IsNullOrEmpty(configurationDeniedAdminMaskedIPs)) { SplitAndAddIPRanges(configurationDeniedAdminMaskedIPs, deniedIPRangesToCheck); } } return deniedIPsToCheck.Any(a => a.Equals(userIpAddress)) || deniedIPRangesToCheck.Any(a => a.IsInRange(userIpAddress)); } ///  /// Splits the incoming ip string of the format "IP,IP" example "10.2.0.0,10.3.0.0" and adds the result to the IPAddress list ///  /// The ips. /// The list. private void SplitAndAddSingleIPs(string ips, List list) { var splitSingleIPs = ips.Split(','); IPAddress ip; foreach (string ipString in splitSingleIPs) { if(IPAddress.TryParse(ipString, out ip)) list.Add(ip); } } ///  /// Splits the incoming ip ranges string of the format "IP-IP,IP-IP" example "10.2.0.0-10.2.255.255,10.3.0.0-10.3.255.255" and adds the result to the IPAddressRange list ///  /// The ips. /// The list. private void SplitAndAddIPRanges(string ips, List list) { var splitMaskedIPs = ips.Split(','); IPAddress lowerIp; IPAddress upperIp; foreach (string maskedIp in splitMaskedIPs) { var ipRange = maskedIp.Split('-'); if (IPAddress.TryParse(ipRange[0], out lowerIp) && IPAddress.TryParse(ipRange[1], out upperIp)) list.Add(new IPAddressRange(lowerIp, upperIp)); } } protected void HandleUnauthorizedRequest(AuthorizationContext context) { context.Result = new RedirectToRouteResult(new RouteValueDictionary { { "Controller", "Home" }, { "Action", "Login" }, { "OriginalURL", context.HttpContext.Request.Url.AbsoluteUri } }); } protected bool AuthorizeCore(AuthorizationContext context) { try { string userIPString = context.HttpContext.Request.UserHostName; IPAddress userIPAddress = IPAddress.Parse(userIPString); // Check that the IP is allowed to access bool? ipAllowed = CheckAllowedIPs(userIPAddress) ? true : (bool?)null; // Check that the IP is not denied to access ipAllowed = CheckDeniedIPs(userIPAddress) ? false : ipAllowed; if (ipAllowed.HasValue) { return ipAllowed.Value; } var serverSession = context.HttpContext.Session; UserSession session = null; //usersession in server session if (serverSession[Settings.HttpContextUserSession] != null) { session = (UserSession)serverSession[Settings.HttpContextUserSession]; Trace.TraceInformation($"[{MethodBase.GetCurrentMethod().Name}] UserId:" + session.UserId + ". ClientId: " + session.ClientId); return true; } //usersession in database from cookie session = UserSession.GetSession(context.HttpContext.Request.Cookies.Get("sessionId").Value); if (session != null) { Trace.TraceInformation($"[{MethodBase.GetCurrentMethod().Name}] Session found for cookie {context.HttpContext.Request.Cookies.Get("sessionId").Value}"); serverSession[Settings.HttpContextUserSession] = session; Trace.TraceInformation($"[{MethodBase.GetCurrentMethod().Name}] UserId:" + session.UserId + ". ClientId: " + session.ClientId); return true; } else { Trace.TraceInformation($"[{MethodBase.GetCurrentMethod().Name}] No session found for cookie {serverSession["cookie"]}"); return false; } } catch (Exception ex) { Trace.TraceError($"[{MethodBase.GetCurrentMethod().Name}] exception: {ex.Message} - trace {ex.StackTrace}"); return false; } } public void OnAuthorization(AuthorizationContext actionContext) { if (IsPublic == false && AuthorizeCore(actionContext) == false) { HandleUnauthorizedRequest(actionContext); } } } 

Я нашел решение sabbour превосходным, но для того, чтобы сделать два изменения более полезными для моих целей,

  1. Разрешить доступ, если допустимый список пуст. Таким образом, вы можете разрешить любой IP-адрес, просто изменив конфигурацию (например, для тестовых развертываний) или разрешите все IP-адреса, кроме явно запрещенных. Для этого я расширил список IPList, чтобы включить свойство Count и проверить его как часть CheckAllowedIPs:

     return _allowedIpListToCheck.Count == 0 || _allowedIpListToCheck.CheckNumber(userIpAddress); 
  2. Override HandleUnauthorizedRequest всегда возвращает 403. Авторизованный атрибут возвращает 401 по умолчанию:

     public override void OnAuthorization(AuthorizationContext actionContext) { if (AuthorizeCore((HttpContextBase)actionContext.HttpContext)) return; HandleUnauthorizedRequest(actionContext); } protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { filterContext.Result = new HttpStatusCodeResult(403, "IP Access Denied"); } 

Ниже приведено полное изменение classа FilterIpAttribute:

 public class FilterIpAttribute:AuthorizeAttribute { #region Allowed ///  /// Comma seperated string of allowable IPs. Example "10.2.5.41,192.168.0.22" ///  ///  public string AllowedSingleIPs { get; set; } ///  /// Comma seperated string of allowable IPs with masks. Example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" ///  /// The masked I ps. public string AllowedMaskedIPs { get; set; } ///  /// Gets or sets the configuration key for allowed single IPs ///  /// The configuration key single I ps. public string ConfigurationKeyAllowedSingleIPs { get; set; } ///  /// Gets or sets the configuration key allowed mmasked IPs ///  /// The configuration key masked I ps. public string ConfigurationKeyAllowedMaskedIPs { get; set; } ///  /// List of allowed IPs ///  readonly IpList _allowedIpListToCheck = new IpList(); #endregion #region Denied ///  /// Comma seperated string of denied IPs. Example "10.2.5.41,192.168.0.22" ///  ///  public string DeniedSingleIPs { get; set; } ///  /// Comma seperated string of denied IPs with masks. Example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" ///  /// The masked I ps. public string DeniedMaskedIPs { get; set; } ///  /// Gets or sets the configuration key for denied single IPs ///  /// The configuration key single I ps. public string ConfigurationKeyDeniedSingleIPs { get; set; } ///  /// Gets or sets the configuration key for denied masked IPs ///  /// The configuration key masked I ps. public string ConfigurationKeyDeniedMaskedIPs { get; set; } ///  /// List of denied IPs ///  readonly IpList _deniedIpListToCheck = new IpList(); #endregion protected override bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null) throw new ArgumentNullException("httpContext"); string userIpAddress = httpContext.Request.UserIp(); try { // Check that the IP is allowed to access bool ipAllowed = CheckAllowedIPs(userIpAddress); // Check that the IP is not denied to access bool ipDenied = CheckDeniedIPs(userIpAddress); //Only allowed if allowed and not denied bool finallyAllowed = ipAllowed && !ipDenied; return finallyAllowed; } catch (Exception e) { // Log the exception, probably something wrong with the configuration } return true; // if there was an exception, then we return true } ///  /// Checks the allowed IPs. ///  /// The user ip address. ///  private bool CheckAllowedIPs(string userIpAddress) { // Populate the IPList with the Single IPs if (!string.IsNullOrEmpty(AllowedSingleIPs)) { SplitAndAddSingleIPs(AllowedSingleIPs, _allowedIpListToCheck); } // Populate the IPList with the Masked IPs if (!string.IsNullOrEmpty(AllowedMaskedIPs)) { SplitAndAddMaskedIPs(AllowedMaskedIPs, _allowedIpListToCheck); } // Check if there are more settings from the configuration (Web.config) if (!string.IsNullOrEmpty(ConfigurationKeyAllowedSingleIPs)) { string configurationAllowedAdminSingleIPs = ConfigurationManager.AppSettings[ConfigurationKeyAllowedSingleIPs]; if (!string.IsNullOrEmpty(configurationAllowedAdminSingleIPs)) { SplitAndAddSingleIPs(configurationAllowedAdminSingleIPs, _allowedIpListToCheck); } } if (!string.IsNullOrEmpty(ConfigurationKeyAllowedMaskedIPs)) { string configurationAllowedAdminMaskedIPs = ConfigurationManager.AppSettings[ConfigurationKeyAllowedMaskedIPs]; if (!string.IsNullOrEmpty(configurationAllowedAdminMaskedIPs)) { SplitAndAddMaskedIPs(configurationAllowedAdminMaskedIPs, _allowedIpListToCheck); } } return _allowedIpListToCheck.Count == 0 || _allowedIpListToCheck.CheckNumber(userIpAddress); } ///  /// Checks the denied IPs. ///  /// The user ip address. ///  private bool CheckDeniedIPs(string userIpAddress) { // Populate the IPList with the Single IPs if (!string.IsNullOrEmpty(DeniedSingleIPs)) { SplitAndAddSingleIPs(DeniedSingleIPs, _deniedIpListToCheck); } // Populate the IPList with the Masked IPs if (!string.IsNullOrEmpty(DeniedMaskedIPs)) { SplitAndAddMaskedIPs(DeniedMaskedIPs, _deniedIpListToCheck); } // Check if there are more settings from the configuration (Web.config) if (!string.IsNullOrEmpty(ConfigurationKeyDeniedSingleIPs)) { string configurationDeniedAdminSingleIPs = ConfigurationManager.AppSettings[ConfigurationKeyDeniedSingleIPs]; if (!string.IsNullOrEmpty(configurationDeniedAdminSingleIPs)) { SplitAndAddSingleIPs(configurationDeniedAdminSingleIPs, _deniedIpListToCheck); } } if (!string.IsNullOrEmpty(ConfigurationKeyDeniedMaskedIPs)) { string configurationDeniedAdminMaskedIPs = ConfigurationManager.AppSettings[ConfigurationKeyDeniedMaskedIPs]; if (!string.IsNullOrEmpty(configurationDeniedAdminMaskedIPs)) { SplitAndAddMaskedIPs(configurationDeniedAdminMaskedIPs, _deniedIpListToCheck); } } return _deniedIpListToCheck.CheckNumber(userIpAddress); } ///  /// Splits the incoming ip string of the format "IP,IP" example "10.2.0.0,10.3.0.0" and adds the result to the IPList ///  /// The ips. /// The list. private void SplitAndAddSingleIPs(string ips, IpList list) { var splitSingleIPs = ips.Split(','); foreach (string ip in splitSingleIPs) list.Add(ip); } ///  /// Splits the incoming ip string of the format "IP;MASK,IP;MASK" example "10.2.0.0;255.255.0.0,10.3.0.0;255.255.0.0" and adds the result to the IPList ///  /// The ips. /// The list. private void SplitAndAddMaskedIPs(string ips, IpList list) { var splitMaskedIPs = ips.Split(','); foreach (string maskedIp in splitMaskedIPs) { var ipAndMask = maskedIp.Split(';'); list.Add(ipAndMask[0], ipAndMask[1]); // IP;MASK } } public override void OnAuthorization(AuthorizationContext actionContext) { if (AuthorizeCore((HttpContextBase)actionContext.HttpContext)) return; HandleUnauthorizedRequest(actionContext); } protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { filterContext.Result = new HttpStatusCodeResult(403, "IP Access Denied"); } } 

Метод расширения для получения IP-адреса пользователя, предложенный osa на github

 public static class HttpUtils { public static string UserIp(this HttpRequestBase request) { var ip = request["HTTP_X_FORWARDED_FOR"]; if (!string.IsNullOrWhiteSpace(ip)) { ip = ip.Split(',').Last().Trim(); } if (string.IsNullOrWhiteSpace(ip)) { ip = request.UserHostAddress; } return ip; } } 

И, наконец, модификация IPList (полный источник здесь ):

 internal class IpArrayList { //[...] public int Count { get { return _ipNumList.Count; } } } public class IpList { //[...] public int Count { get { return _usedList.Count; } } } 
Interesting Posts
Давайте будем гением компьютера.