From c3c56ef68fcdf8e97360710f79589cbd726382ea Mon Sep 17 00:00:00 2001
From: ufoloko <pcalderonp@gmail.com>
Date: Thu, 3 Jun 2021 10:52:31 -0500
Subject: [PATCH] Improve Validation IP Address for login

I have changed function to get IP for Login Ip validation with last UserRequestIPAddressController function
---
 .../DesktopModules/Admin/Authentication/Login.ascx.cs | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs b/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs
index 82e924f5ae6..93979268ab6 100644
--- a/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs	
+++ b/DNN Platform/Website/DesktopModules/Admin/Authentication/Login.ascx.cs	
@@ -1301,13 +1301,18 @@ private void ValidateUser(UserInfo objUser, bool ignoreExpiring)
             switch (validStatus)
             {
                 case UserValidStatus.VALID:
+                    
+                    //Obtain the current client IP
+                    var userRequestIpAddressController = UserRequestIPAddressController.Instance;
+                    var ipAddress = userRequestIpAddressController.GetUserRequestIPAddress(new HttpRequestWrapper(this.Request));
+                    
                     // check if the user is an admin/host and validate their IP
                     if (Host.EnableIPChecking)
                     {
                         bool isAdminUser = objUser.IsSuperUser || objUser.IsInRole(this.PortalSettings.AdministratorRoleName);
                         if (isAdminUser)
                         {
-                            var clientIp = NetworkUtils.GetClientIpAddress(this.Request);
+                            var clientIp = ipAddress;
                             if (IPFilterController.Instance.IsIPBanned(clientIp))
                             {
                                 PortalSecurity.Instance.SignOut();
@@ -1331,9 +1336,7 @@ private void ValidateUser(UserInfo objUser, bool ignoreExpiring)
                     // Set the Authentication Type used
                     AuthenticationController.SetAuthenticationType(this.AuthenticationType);
 
-                    // Complete Login
-                    var userRequestIpAddressController = UserRequestIPAddressController.Instance;
-                    var ipAddress = userRequestIpAddressController.GetUserRequestIPAddress(new HttpRequestWrapper(this.Request));
+                    // Complete Login                    
                     UserController.UserLogin(this.PortalId, objUser, this.PortalSettings.PortalName, ipAddress, this.RememberMe);
 
                     // check whether user request comes with IPv6 and log it to make sure admin is aware of that