dmirkitanov
dmirkitanov

Reputation: 1396

How to decline user authentication request depending on its ip address in Symfony2

In my case some of users can login only from specific ip addresses (one for each user).

I need to decline all auth requests for a user if user's ip address doesn't match with ip from database.

For now I have this User entity:

class User implements AdvancedUserInterface
{
    // ....
    protected $id;

    // ....
    protected $allowedIp;
}

This check needs to be done at the authentication stage.

Upvotes: 2

Views: 437

Answers (1)

Problematic
Problematic

Reputation: 17678

You'll want to use an authentication voter. The Symfony cookbook has a recipe for an IP blacklist voter, so you can follow their example and change the code to deny if it's not on the list, instead of denying if it is.

Upvotes: 3

Related Questions