本文介绍如何利用Lua与OpenResty框架搭建MVC模板系统,并实现URL重写及黑白名单功能。文章详细展示了配置Nginx、创建HTML模板文件的过程,并通过Lua脚本实现了模板渲染与URL重定向。
A Rate-Limiting HTTP Proxy(5)MVC Template/URL Rewrite/WhiteList
MVC Template
https://github.com/bungle/lua-resty-template
I copy the template related things under lualib/resty/
Adjust the nginx.conf as follow:
location / {
root lua;
default_type "text/html; charset=utf-8";
content_by_lua_file lualib/lite/mvc.lua;
}
Create HTML template file in lua/template/index.html
<html>
<head>
<meta charset="UTF-8”>
<title>{{ title }}</title>
</head>
<body>
{* content *}
</body>
</html>
{{variable}} {* string *} {% lua script %}
The controller which use the template file lua/web/index.lua
local template = require "resty.template"
local _M = {}
function _M.index()
local model = {title = "hello template", content = "<h1>content</h1>"}
template.render('template/index.html', model)
end
return _M
URL rewrite
There are 2 commands to support that. ngx.exec and ngx.redirect
function _M.exec1(uri) — NORMAL MAPPING
local rewrite_urls = {}
local queryString = ngx.var.args
if queryString == nil then queryString = "" end
rewrite_urls['/index/article'] = '/article?' .. queryString
local match_url = rewrite_urls[uri]
if match_url then
-- ngx.redirect(match_url) -- url
ngx.exec(match_url) -- url
return true
end
return false
end
WhiteList and BlackList
mvc.lua codes to support the WAF
-- waf begin
local ret, waf = pcall(require, "waf")
if ret then
local c_ret, r_ret = pcall(waf.exec)
if c_ret and r_ret then
-- c_ret success processed, r_ret redirect
return
end
end
-- waf end
The real lua/waf.lua codes
local _M = {}
function parse_ip(ip_str)
local ip_list = {}
local it, err = ngx.re.gmatch(ip_str, '([0-9]+)[.]([0-9]+)[.]([0-9]+)[.]([0-9]+)')
while true do
local m, err = it()
if err then
ngx.log(ngx.ERR, "error: ", err)
return
end
if not m then break end
ip_list[m[0]] = true
end
return ip_list
end
local white_list_str = "192.168.0.168"
local white_list = parse_ip(white_list_str)
local black_list_str = "127.0.0.1,192.168.0.168,localhost"
local black_list = parse_ip(black_list_str)
function get_client_ip()
local ip = ngx.req.get_headers()["x_forwarded_for"]
if not ip then
ip = ngx.var.remote_addr
else
ip = ngx.re.gsub(ip, ",.*", "")
end
return ip
end
function _M.exec()
local ip = get_client_ip()
ngx.log(ngx.DEBUG, 'the ip I get = ' .. ip)
-- in the white list, return directly
if white_list[ip] then
return false
end
-- black list, return 444
if black_list[ip] then
ngx.exit(444)
return true
end
end
return _M
So if I get rid of 127.0.0.1 in the whitelist, my request will be deny
http://localhost/user/index
References:
https://github.com/362228416/openresty-web-dev/tree/master/demo9
https://github.com/362228416/openresty-web-dev/tree/master/demo10
https://github.com/362228416/openresty-web-dev/tree/master/demo11
https://github.com/362228416/openresty-web-dev/tree/master/demo12
MVC Template
https://github.com/bungle/lua-resty-template
I copy the template related things under lualib/resty/
Adjust the nginx.conf as follow:
location / {
root lua;
default_type "text/html; charset=utf-8";
content_by_lua_file lualib/lite/mvc.lua;
}
Create HTML template file in lua/template/index.html
<html>
<head>
<meta charset="UTF-8”>
<title>{{ title }}</title>
</head>
<body>
{* content *}
</body>
</html>
{{variable}} {* string *} {% lua script %}
The controller which use the template file lua/web/index.lua
local template = require "resty.template"
local _M = {}
function _M.index()
local model = {title = "hello template", content = "<h1>content</h1>"}
template.render('template/index.html', model)
end
return _M
URL rewrite
There are 2 commands to support that. ngx.exec and ngx.redirect
function _M.exec1(uri) — NORMAL MAPPING
local rewrite_urls = {}
local queryString = ngx.var.args
if queryString == nil then queryString = "" end
rewrite_urls['/index/article'] = '/article?' .. queryString
local match_url = rewrite_urls[uri]
if match_url then
-- ngx.redirect(match_url) -- url
ngx.exec(match_url) -- url
return true
end
return false
end
WhiteList and BlackList
mvc.lua codes to support the WAF
-- waf begin
local ret, waf = pcall(require, "waf")
if ret then
local c_ret, r_ret = pcall(waf.exec)
if c_ret and r_ret then
-- c_ret success processed, r_ret redirect
return
end
end
-- waf end
The real lua/waf.lua codes
local _M = {}
function parse_ip(ip_str)
local ip_list = {}
local it, err = ngx.re.gmatch(ip_str, '([0-9]+)[.]([0-9]+)[.]([0-9]+)[.]([0-9]+)')
while true do
local m, err = it()
if err then
ngx.log(ngx.ERR, "error: ", err)
return
end
if not m then break end
ip_list[m[0]] = true
end
return ip_list
end
local white_list_str = "192.168.0.168"
local white_list = parse_ip(white_list_str)
local black_list_str = "127.0.0.1,192.168.0.168,localhost"
local black_list = parse_ip(black_list_str)
function get_client_ip()
local ip = ngx.req.get_headers()["x_forwarded_for"]
if not ip then
ip = ngx.var.remote_addr
else
ip = ngx.re.gsub(ip, ",.*", "")
end
return ip
end
function _M.exec()
local ip = get_client_ip()
ngx.log(ngx.DEBUG, 'the ip I get = ' .. ip)
-- in the white list, return directly
if white_list[ip] then
return false
end
-- black list, return 444
if black_list[ip] then
ngx.exit(444)
return true
end
end
return _M
So if I get rid of 127.0.0.1 in the whitelist, my request will be deny
http://localhost/user/index
References:
https://github.com/362228416/openresty-web-dev/tree/master/demo9
https://github.com/362228416/openresty-web-dev/tree/master/demo10
https://github.com/362228416/openresty-web-dev/tree/master/demo11
https://github.com/362228416/openresty-web-dev/tree/master/demo12
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
