Appreciate everyone's pointers! Cheers,
On Sunday, December 25, 2022 at 9:26:50 PM UTC-7 [email protected] wrote: > This can be done GeoIP but it can be done in a different way I have done > one before that was with REST API, all you have to do if you don't want to > depend on any third library is to have a device model which stores the user > and IP then whenever the user login saves it. > So with this, you have all the user's IPs so when they log in again then > you compare their previous IPs with the current if different you can send a > warning mail or you just send an OTP to verify before logging in. > What I did was for one company I worked with so I can share the code I am > sorry for that. > > On Sun, 25 Dec 2022 at 20:58, 'Kasper Laudrup' via Django users < > [email protected]> wrote: > >> On 25/12/2022 20.52, tristant wrote: >> > Is there a mechanism in Django where we can identify the location of >> > login? Any reading sources regarding this functionality would be much >> > appreciated. >> > >> >> What you're looking for is something called geoip. To the best of my >> knowledge there's no such thing build into Django (wouldn't really make >> much sense anyway) but it should be trivial to query some geoip database >> from your code and get a somewhat reliable idea on where that IP is >> coming from. >> >> There's no way that can be accurate but it might be useful for something >> like detecting a locale (that the user can then change) or similar. >> >> >> > Along the same line, is there a way to prevent a login attempt if the >> > location is within certain blacklisted IP subnets? >> > >> >> It is trivial to spoof a source IP address once you reach the Django >> application part of the communication. That's more of a feature than a >> bug actually because of things like proxies etc. >> >> If you want to blacklist IPs you have to do that on a lower level. For a >> single server running Linux something like netfilter/iptables might be >> used but I'm sure there are some more convenient scripts/services etc. >> that might be used. The main point is that you cannot do this from your >> Django code. >> >> Hope that helps you in the right direction. >> >> Kind regards, >> Kasper Laudrup >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/e83a7b85-6fd3-ced8-b4bf-fdf77650cfe8%40stacktrace.dk >> . >> > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/5f7cf341-d2fb-448e-86e9-5b828f67afa7n%40googlegroups.com.

