Appreciate everyone's pointers! Cheers,
On Sunday, December 25, 2022 at 9:26:50 PM UTC-7 yebo...@gmail.com wrote: > This can be done GeoIP but it can be done in a different way I have done > one before that was with REST API, all you have to do if you don't want to > depend on any third library is to have a device model which stores the user > and IP then whenever the user login saves it. > So with this, you have all the user's IPs so when they log in again then > you compare their previous IPs with the current if different you can send a > warning mail or you just send an OTP to verify before logging in. > What I did was for one company I worked with so I can share the code I am > sorry for that. > > On Sun, 25 Dec 2022 at 20:58, 'Kasper Laudrup' via Django users < > django...@googlegroups.com> wrote: > >> On 25/12/2022 20.52, tristant wrote: >> > Is there a mechanism in Django where we can identify the location of >> > login? Any reading sources regarding this functionality would be much >> > appreciated. >> > >> >> What you're looking for is something called geoip. To the best of my >> knowledge there's no such thing build into Django (wouldn't really make >> much sense anyway) but it should be trivial to query some geoip database >> from your code and get a somewhat reliable idea on where that IP is >> coming from. >> >> There's no way that can be accurate but it might be useful for something >> like detecting a locale (that the user can then change) or similar. >> >> >> > Along the same line, is there a way to prevent a login attempt if the >> > location is within certain blacklisted IP subnets? >> > >> >> It is trivial to spoof a source IP address once you reach the Django >> application part of the communication. That's more of a feature than a >> bug actually because of things like proxies etc. >> >> If you want to blacklist IPs you have to do that on a lower level. For a >> single server running Linux something like netfilter/iptables might be >> used but I'm sure there are some more convenient scripts/services etc. >> that might be used. The main point is that you cannot do this from your >> Django code. >> >> Hope that helps you in the right direction. >> >> Kind regards, >> Kasper Laudrup >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/e83a7b85-6fd3-ced8-b4bf-fdf77650cfe8%40stacktrace.dk >> . >> > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/5f7cf341-d2fb-448e-86e9-5b828f67afa7n%40googlegroups.com.
