2

I need to know the IP addresses of the users who enter my website. I've already write the following code, but it returns only users WAN IP. That's not enough for me, since I need a full trace of users to prevent them to click twice on the same button (cookies are not an option because most of users use anonymous mode).

app.enable('trust proxy'); // enable trust proxy

I'm using this code to get the req.ips (in theory it has what I want) or just req.ip if the last was empty. The problem is that req.ips is always empty.

req.ips.length ? req.ips : [req.ip]

Any ideas of what can I do now?

user3002796
  • 21
  • 1
  • Possible duplicate of: http://stackoverflow.com/questions/19266329/node-js-get-clients-ip – Mike Causer Jan 29 '14 at 13:43
  • Actually, I believe I was understanding wrong the _req.ips_ function. It returns the client IP, which in any case would be its WAN IP (seems kind of obvious now). Anyway, this won't solve my problem. Is there any way to go further in the IP trace, so I can identify users properly? – user3002796 Jan 29 '14 at 14:28
  • I think this will help you: http://stackoverflow.com/questions/19266329/node-js-get-clients-ip/19294371#19294371 – Svbaker Jan 30 '14 at 12:14

2 Answers2

1

you can use this

this.body = this.req.headers['x-real-ip'];
Alongkorn
  • 3,968
  • 1
  • 24
  • 41
0

Sounds like you might have (partially) answered your own question, but I wanted to throw some ideas out there for you.

First, you're never going to get the locally-assigned IP address of the computer: that's just not something that the browser is ever going to report. You also probably won't be able to get meaningful identifying "low-level" network protocol information as there are many different approaches to NAT.

The traditional way to solve this, as you mentioned is cookies, but if your users are mostly using anonymous mode, that's not an option, as you say.

Have you considered HTML5 Local Storage? That is accessible in anonymous mode, and you can use it like a session, storing a unique session ID on each client. This means your clients need a relatively modern browser, but hopefully that won't be an issue.

Here's some information about HTML5 local storage:

http://diveintohtml5.info/storage.html

This isn't a slam-dunk, though: the behavior of local storage in anonymous mode is currently debated. There's a good discussion of it here:

http://blog.whatwg.org/tag/localstorage

Another option would be to use a querystring...not a great solution, maybe, and easily foiled by the user (if you're worried about that). When you first land on the page, you can redirect the user to the same page with a querystring containing a unique ID. This approach is burdensome in that you must make sure that querystring is added to every internal link. But it does get around all issues with anonymous browsing.

Ethan Brown
  • 26,892
  • 4
  • 80
  • 92