From bf6b685e8ce0a6e094d03c5d7ff6efad9c0fa78f Mon Sep 17 00:00:00 2001
From: Michael Bai <baijiangjie@gmail.com>
Date: Fri, 10 Sep 2021 15:04:18 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20api/health/=E5=81=A5=E5=BA=B7=E6=A3=80?=
 =?UTF-8?q?=E6=B5=8B=E6=B7=BB=E5=8A=A0localhost?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/jumpserver/api.py | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/apps/jumpserver/api.py b/apps/jumpserver/api.py
index 6be2e4407..76192130f 100644
--- a/apps/jumpserver/api.py
+++ b/apps/jumpserver/api.py
@@ -17,9 +17,10 @@ from terminal.models import Session
 from terminal.utils import ComponentsPrometheusMetricsUtil
 from orgs.utils import current_org
 from common.permissions import IsOrgAdmin, IsOrgAuditor
-from common.utils import lazyproperty
+from common.utils import lazyproperty, get_request_ip
 from orgs.caches import OrgResourceStatisticsCache
 
+
 __all__ = ['IndexApi']
 
 
@@ -304,12 +305,21 @@ class HealthApiMixin(APIView):
             return False
         return True
 
+    def is_localhost(self):
+        ip = get_request_ip(self.request)
+        return ip in ['localhost', '127.0.0.1']
+
     def check_permissions(self, request):
-        if not self.is_token_right():
-            msg = 'Health check token error, ' \
-                  'Please set query param in url and same with setting HEALTH_CHECK_TOKEN. ' \
-                  'eg: $PATH/?token=$HEALTH_CHECK_TOKEN'
-            self.permission_denied(request, message={'error': msg}, code=403)
+        if self.is_token_right():
+            return
+        if self.is_localhost():
+            return
+        msg = ''' 
+        Health check token error, 
+        Please set query param in url and same with setting HEALTH_CHECK_TOKEN. 
+        eg: $PATH/?token=$HEALTH_CHECK_TOKEN
+        '''
+        self.permission_denied(request, message={'error': msg}, code=403)
 
 
 class HealthCheckView(HealthApiMixin):