Reputation: 2850
Authenticate a user using its IP address
For the project I'm working on i need to be able to authenticate visitors based on their IP address under certain conditions.
The way I have been doing it is by comparing the visitor's IP address to a table in my database. If the IP checks out i get the related user from the DB and log it in with limited access.
However I've been doing this using the Session_start() method in global.asax and creating a session variable that specifies if the user is logged in via IP or not. I then restrict certain functions if the user is logged in via IP.
However this hasn't been working well enough, mainly because when the user firsts visits the site i want to let him know that he's been logged in via his IP address, but the session start seems to be fired after the view has been rendered so the message isn't displayed until the visitor refreshes the page or visits a subpage. Just having a session variable also doesn't seem safe enough(though i admit i haven't researched that properly).
I´ve tried to do the checking and auto login in the Application_BeginRequest() method but the authentication manager hasn't been initialized that early in the request so i can't log the user in.
Anyone that can point me in the right direction? What the best way to accomplish this would be?
Upvotes: 0
Views: 1292
Answers (1)
Reputation: 321
You can use and extend the AuthorizeAttribute and override OnAuthorization so that you can put your checking there.
Upvotes: 1
Related Questions
- How can I get the client's IP address in ASP.NET MVC?
- How to get the public IP address of a user in C#
- How to get the client ip address in asp.net mvc?
- MVC restrict access based on IP
- IP Based User Authorization in MVC4
- Get User IP in a BaseController?
- Getting a user IP in ASP.NET MVC
- Get ip address from a request mvc
- Getting the ip adress of the user connected to asp application
- ASP.NET MVC: how to authorize for users or client IP?