-
Notifications
You must be signed in to change notification settings - Fork 0
IP Address Checker
Prithoo Medhi edited this page Jul 16, 2023
·
1 revision
It logs IP addresses from which a particular request is made and the user making the request, which it can determine by verifying and then reading the JWT Bearer token.
If a user is found for the request, it checks the IP address against the addresses the user has logged in from in the last six months. If the current IP address is not found in the list of login IP addresses for the user, a 302 response is sent back to the client, asking the user to re-login to verify their identity.
This is done to make token-hijacking less feasible, while not locking in the user to a specified group of IP addresses from their end.