Skip to content

Commit

Permalink
Merge pull request #4702 from ufoloko/develop
Browse files Browse the repository at this point in the history 
Improve Validation IP Address for login
  • Loading branch information
@mitchelsellers
mitchelsellers authored Jun 4, 2021
2 parents a3cd234 + c3c56ef commit 91d3ead
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions DNN Platform/Website/DesktopModules/Admin/Authentication/#.ascx.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1301,13 +1301,18 @@ private void ValidateUser(UserInfo objUser, bool ignoreExpiring)
switch (validStatus)
{
case UserValidStatus.VALID:

//Obtain the current client IP
var userRequestIpAddressController = UserRequestIPAddressController.Instance;
var ipAddress = userRequestIpAddressController.GetUserRequestIPAddress(new HttpRequestWrapper(this.Request));

// check if the user is an admin/host and validate their IP
if (Host.EnableIPChecking)
{
bool isAdminUser = objUser.IsSuperUser || objUser.IsInRole(this.PortalSettings.AdministratorRoleName);
if (isAdminUser)
{
var clientIp = NetworkUtils.GetClientIpAddress(this.Request);
var clientIp = ipAddress;
if (IPFilterController.Instance.IsIPBanned(clientIp))
{
PortalSecurity.Instance.SignOut();
Expand All @@ -1331,9 +1336,7 @@ private void ValidateUser(UserInfo objUser, bool ignoreExpiring)
// Set the Authentication Type used
AuthenticationController.SetAuthenticationType(this.AuthenticationType);

// Complete Login
var userRequestIpAddressController = UserRequestIPAddressController.Instance;
var ipAddress = userRequestIpAddressController.GetUserRequestIPAddress(new HttpRequestWrapper(this.Request));
// Complete Login
UserController.UserLogin(this.PortalId, objUser, this.PortalSettings.PortalName, ipAddress, this.RememberMe);

// check whether user request comes with IPv6 and log it to make sure admin is aware of that
Expand Down

0 comments on commit 91d3ead

Please # to comment.