From f1062b34d2769d2f7bd20249b124ea80436d63cd Mon Sep 17 00:00:00 2001
From: lkddi <lkddi@163.com>
Date: Thu, 12 Mar 2026 07:16:32 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E6=94=AF=E6=8C=81?=
 =?UTF-8?q?=E8=85=BE=E8=AE=AF=E4=BA=91=20EdgeOne=20EO-Client-IP=20?=
 =?UTF-8?q?=E5=A4=B4=E9=83=A8=EF=BC=8C=E9=87=8D=E6=9E=84=E4=B8=AD=E9=97=B4?=
 =?UTF-8?q?=E4=BB=B6=E7=9C=9F=E5=AE=9EIP=E8=8E=B7=E5=8F=96=E4=BC=98?=
 =?UTF-8?q?=E5=85=88=E7=BA=A7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Http/Middleware/CloudflareProxies.php | 16 +++++++++++++---
 routes/web.php                            |  1 +
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/app/Http/Middleware/CloudflareProxies.php b/app/Http/Middleware/CloudflareProxies.php
index 72eb73d..e7417b5 100644
--- a/app/Http/Middleware/CloudflareProxies.php
+++ b/app/Http/Middleware/CloudflareProxies.php
@@ -17,12 +17,22 @@ class CloudflareProxies
         // 优先采纳 Cloudflare 的 CF-Connecting-IP
         if ($request->hasHeader('CF-Connecting-IP')) {
             $realIp = $request->header('CF-Connecting-IP');
-            $request->server->set('REMOTE_ADDR', $realIp);
-            $request->headers->set('X-Forwarded-For', $realIp);
         }
-        // 其次兜底常见的国内 CDN 厂商（如腾讯云 EdgeOne / 阿里云 DCDN）
+        // 腾讯云 EdgeOne CDN 自定义回源头部（后台配置名：EO-Client-IP）
+        elseif ($request->hasHeader('EO-Client-IP')) {
+            $realIp = $request->header('EO-Client-IP');
+        }
+        // 其他国内 CDN 厂商（阿里云 DCDN 等）通用头部
         elseif ($request->hasHeader('X-Real-IP')) {
             $realIp = $request->header('X-Real-IP');
+        }
+        // 最后兜底：取 X-Forwarded-For 最左边第一个（真实客户端）IP
+        // 格式为 "真实客户端, CDN节点1, CDN节点2"
+        elseif ($request->hasHeader('X-Forwarded-For')) {
+            $realIp = trim(explode(',', $request->header('X-Forwarded-For'))[0]);
+        }
+
+        if (! empty($realIp)) {
             $request->server->set('REMOTE_ADDR', $realIp);
             $request->headers->set('X-Forwarded-For', $realIp);
         }
diff --git a/routes/web.php b/routes/web.php
index cefda8e..eb2cce5 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -30,6 +30,7 @@ Route::post('/login', [AuthController::class, 'login'])->name('login.post');
 // 处理退出登录
 Route::post('/logout', [AuthController::class, 'logout'])->name('logout');
 
+
 // 聊天室系统内部路由 (需要鉴权)
 Route::middleware(['chat.auth'])->group(function () {
     // ---- 第六阶段：大厅与房间管理 ----