How do i know whether user logs in with same computer or different computer using javascript OR php

Question

I am developing a security api which will authenticate user on the basis of how he uses the system. which includes his typing patterns his typing speed and whole lot of stuff. in all these one variable is user's computer whether he logs in with his same computer every time or not. I think mac address of the computer will do the trick for me. I searched a lot and i couldn't find any result for this question. Please help me. it will be good if your answer is in javascript or in php.

Answer 1

No one tells you their home-brewed solution. cookies and cookie-like objects, javascript, canvas. If you can detect ananomyzing methods its a huge flag to be used by admins. the harder the cookie is to clear the harder to deny they cleared it deliberately. Some sites are small and dont tolerate shenanigans.

Answer 2

It's not 100% fool proof to identify the machine or browser . But there are things you can try to check if user is using the same browser for subsequent connection. Cookies, user browser details and os, remote address, etc

EDIT : Example for user browser details

function getUserBrowser() { 
    $u_agent = $_SERVER['HTTP_USER_AGENT']; 
    $bname = 'Unknown';
    $platform = 'Unknown';
    $version = "";

    //First get the platform?
    if (preg_match('/linux/i', $u_agent)) {
        $platform = 'linux';
    }
    elseif (preg_match('/macintosh|mac os x/i', $u_agent)) {
        $platform = 'mac';
    }
    elseif (preg_match('/windows|win32/i', $u_agent)) {
        $platform = 'windows';
    }

    // Next get the name of the useragent yes seperately and for good reason
    if(preg_match('/MSIE/i',$u_agent) && !preg_match('/Opera/i',$u_agent)) { 
        $bname = 'Internet Explorer'; 
        $ub = "MSIE"; 
    } 
    elseif(preg_match('/Firefox/i',$u_agent)) { 
        $bname = 'Mozilla Firefox'; 
        $ub = "Firefox"; 
    } 
    elseif(preg_match('/Chrome/i',$u_agent)) { 
        $bname = 'Google Chrome'; 
        $ub = "Chrome"; 
    } 
    elseif(preg_match('/Safari/i',$u_agent)) { 
        $bname = 'Apple Safari'; 
        $ub = "Safari"; 
    } 
    elseif(preg_match('/Opera/i',$u_agent)) { 
        $bname = 'Opera'; 
        $ub = "Opera"; 
    } 
    elseif(preg_match('/Netscape/i',$u_agent)) { 
        $bname = 'Netscape'; 
        $ub = "Netscape"; 
    } 

    // finally get the correct version number
    $known = array('Version', $ub, 'other');
    $pattern = '#(?<browser>' . join('|', $known) . ')[/ ]+(?<version>[0-9.|a-zA-Z.]*)#';
    if (!preg_match_all($pattern, $u_agent, $matches)) {
        // we have no matching number just continue
    }

    // see how many we have
    $i = count($matches['browser']);
    if ($i != 1) {
        //we will have two since we are not using 'other' argument yet
        //see if version is before or after the name
        if (strripos($u_agent,"Version") < strripos($u_agent,$ub)) {
            $version = $matches['version'][0];
        }
        else {
            $version = $matches['version'][1];
        }
    }
    else {
        $version = $matches['version'][0];
    }

    // check if we have a number
    if ($version == null || $version == "") {
        $version = "?";
    }

    return array(
        'userAgent' => $u_agent,
        'name'      => $bname,
        'version'   => $version,
        'platform'  => $platform,
        'pattern'    => $pattern
    );
}

and the you can use this function as

$browser = getUserBrowser();

$browser['userAgent'] //'userAgent'
$browser['name'] //'browserName'
$browser['version'] //'version'
$browser['platform'] //'platform'
$browser['pattern'] //'pattern'

for IP, you can check different IP types like

'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR'

and regarding cookie setup:

Cookies

How to Create, Read, Update and Delete a Cookie with PHP or Javascript

Answer 3

When the user registers, at that time you take the user's IP address. Then, at the time of login, you check if the user logged in with the same computer or another computer.