ip

@@ -5,6 +5,7 @@
 'use strict';
 const aes = require('./aes-pwd');
 const api = global.yoho.API;
+const _ = require('lodash');
 
 /**
  * 手机或邮箱登录 app.passport.signin => app.passport.signinAES 加密
@@ -17,11 +18,28 @@ const signinAsync = (area, profile, password, shoppingKey, req) => {
         password: aes.aesPwd(password)
     };
 
-    let ip = req.header('x-forwarded-for').split(',');
+    let remoteIp = req.get('X-Forwarded-For') || req.get('X-Real-IP') || '';
+
+    if (remoteIp) {
+        if (remoteIp.indexOf(',') > 0) {
+            let arr = remoteIp.split(',');
+
+            remoteIp = arr[arr.length - 1];
+        }
+
+        remoteIp = _.trim(remoteIp);
+
+        if (_.startsWith(remoteIp, '10.66.')) {
+            remoteIp = req.get('X-Real-IP');
+        }
+    } else if (req.connection.remoteAddress) {
+        remoteIp = req.connection.remoteAddress.split(':');
+        remoteIp = remoteIp.length ? remoteIp[remoteIp.length - 1] : '';
+    }
 
     let uaIp = {
         'user-agent': req.headers['user-agent'],
-        'X-YOHO-IP': ip.length ? ip[ip.length - 1] : ''
+        'X-YOHO-IP': remoteIp
     };
 
     if (shoppingKey) {
@@ -128,4 +146,4 @@ module.exports = {
     sendPasswordBySMS,
     verifyPasswordBySMS,
     checkUserExitBySMS
-};
\ No newline at end of file
+};