nightingale1/docs/account-access.md

## 登陆相关

#### 来源地址限制

IP地址的获取顺序

- http header "X-Forwarded-For"
- http header "X-Real-Ip"
- http request RemoteAddr

nginx 代理配置客户端地址

```
# https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
```
Rdb (#479) * use collector interface * mysql can work fine * add basecollector * add prober & monapi.plugins * enable mysql plugins work * rename collector -> manager * add white list access check for rdb * add cache module for authConfig & session * rollback n9e_rdb_3.3.0.sql * add sql ddl document * add white_list, pwd, login access control * add email code for login & reset password * use sessionUsername instead of cookieUsername * remove cookie name and data from session * rename userName to username * add remote_addr with session connection * add get user by sid with cache * enable cookie life time could be zero * go mod tidy * Rdb with session & monapi with telegraf (#456) * use collector interface * mysql can work fine * add basecollector * add prober & monapi.plugins * enable mysql plugins work * rename collector -> manager * add white list access check for rdb * add cache module for authConfig & session * rollback n9e_rdb_3.3.0.sql * add sql ddl document * add white_list, pwd, login access control * add email code for login & reset password * use sessionUsername instead of cookieUsername * remove cookie name and data from session * rename userName to username * add remote_addr with session connection * add get user by sid with cache * enable cookie life time could be zero * go mod tidy * add plugins config for prober * add prober plugin expression parse * update transfer default config for m3 * Rdb (#458) * bugfix: session gc * use flag for pwdMustInclude * change user login function * delete invite token after use * bugfix: login response * add sessionStart middle ware * add auth module * add i18n for rdb * add i18n.zh for rdb.auth * add mon plugins(redis, mongodb) * update config * add sub struct into definitions * clean up sid cache after session destory * bugfix: get user return nil when not found * update i18n * bugfix: ignore cache nologin user * add user for callback output * add password change api * update default configfile & sql patch * merge mon http middleware from rdb * remove sso logout, sso already supporte one time auth 2021-01-01 10:41:30 +08:00			`## 登陆相关`

			`#### 来源地址限制`

			`IP地址的获取顺序`

			`- http header "X-Forwarded-For"`
			`- http header "X-Real-Ip"`
			`- http request RemoteAddr`

			`nginx 代理配置客户端地址`

			```
			`# https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			```