catalyst / moodle-tool_mfa

A Multi-Factor Authentication Moodle plugin with flexible support for TOTP, Email, IP and more
https://moodle.org/plugins/tool_mfa

Add recent login email + notification #15

Open brendanheywood opened 5 years ago

brendanheywood commented 5 years ago

If you have been logged in on this device before then that counts for something rather than being on a completely unknown device.

This could work by storing and comparing old Moodle session IDs or previous IP addresses or some combination.

We probably need an after_login method for factors as we only want to store things when we know we've gotten all the way through MFA. And in this method for this factor we'd store the new IP or session cookie value ourselves in user prefs and manage it directly.

brendanheywood commented 5 years ago

Here is an example of an email sent by Cloudflare when logging in from a new device. This could be easily bundled into this plugin. You don't need to actually do anything with the email, it's just an FYI, but it could have a 'this wasn't me' button, the same as the email factor. We'd want to share some logic for that.

Hi,

Your security is very important to us. This email address was used to access the Cloudflare dashboard from a new IP address:

email: BLAH BLAH
time: 2019-10-29 00:20:26 UTC
IP address: 1.136.105.105
browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36

If this was you, you can ignore this alert. If you suspect any suspicious activity on your account, please change your password and enable two-factor authentication: https://dash.cloudflare.com/profile

If you have any questions or concerns, don't hesitate to get in touch: support@cloudflare.com

Best,

Cloudflare Team

Peterburnett commented 2 years ago

Proposal:

A cookie with a code stored on the client side, provided to the auth page to verify.

Requirements for cookie:

Considerations:
- This is a potential weakening of MFA due to device theft etc.
- Integrate with other factors. Factor reliance API? Might be achievable with just points.
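The following is an added example, not code from tool_mfa or from either commenter. It sketches both ideas in this thread together: the after_login hook from the first comment, which records the IP once every factor has passed and decides whether the device is new, and the signed client-side cookie from the proposal above, with the device-theft consideration answered by a token lifetime and a "this wasn't me" revocation. Everything here is assumed for illustration: the known_device class, the in-memory $prefs array standing in for Moodle user preferences, the site secret, the revoke URL, and the constructed usage inputs at the bottom.

```php
<?php
// Added example (not tool_mfa code). Assumptions: $prefs stands in for Moodle
// user prefs, $secret comes from site config, $revoke_url is a hypothetical
// "this wasn't me" endpoint. Requires PHP 8.
declare(strict_types=1);

final class known_device {
    private const TOKEN_TTL = 30 * 86400;   // device cookie lifetime: 30 days
    private const MAX_IPS   = 10;           // recent IPs remembered per user

    /** @var array<int, array{ips: array<string,int>, tokens: array<string,int>}> */
    private array $prefs = [];

    public function __construct(private string $secret) {}

    /**
     * Call only after every MFA factor has passed. Returns whether the device
     * was unknown, a cookie value to set (null if the presented one is still
     * valid) and the notification text to send when the device was unknown.
     */
    public function after_login(int $userid, string $ip, string $ua,
                                ?string $cookie, int $now, string $revoke_url): array {
        $p = $this->prefs[$userid] ?? ['ips' => [], 'tokens' => []];

        // Drop expired tokens first, so a stolen cookie stops working after TTL.
        $p['tokens'] = array_filter($p['tokens'], fn(int $exp) => $exp > $now);

        $cookie_ok = $cookie !== null && $this->verify_token($userid, $cookie, $p['tokens']);
        $ip_known  = isset($p['ips'][$ip]);
        $is_new    = !$cookie_ok && !$ip_known;

        // Record this IP, keeping only the MAX_IPS most recently seen.
        $p['ips'][$ip] = $now;
        arsort($p['ips']);
        $p['ips'] = array_slice($p['ips'], 0, self::MAX_IPS, true);

        // Issue a fresh device token when none was presented or it failed.
        $new_cookie = null;
        if (!$cookie_ok) {
            $nonce = bin2hex(random_bytes(16));
            $new_cookie = $this->sign($userid, $nonce);
            $p['tokens'][hash('sha256', $nonce)] = $now + self::TOKEN_TTL;  // store only the hash
        }
        $this->prefs[$userid] = $p;

        $notification = $is_new ? $this->notification($now, $ip, $ua, $revoke_url) : null;
        return ['is_new' => $is_new, 'cookie' => $new_cookie, 'notification' => $notification];
    }

    /** "This wasn't me": invalidate every device token, so all such cookies become useless. */
    public function revoke_all(int $userid): void {
        if (isset($this->prefs[$userid])) {
            $this->prefs[$userid]['tokens'] = [];
        }
    }

    private function sign(int $userid, string $nonce): string {
        $mac = hash_hmac('sha256', "$userid.$nonce", $this->secret);
        return "$userid.$nonce.$mac";
    }

    private function verify_token(int $userid, string $token, array $tokens): bool {
        $parts = explode('.', $token);
        if (count($parts) !== 3 || (int)$parts[0] !== $userid) {
            return false;                   // malformed, or minted for another user
        }
        [, $nonce, $mac] = $parts;
        $expected = hash_hmac('sha256', "$userid.$nonce", $this->secret);
        // Constant-time compare; a forged MAC is rejected before the store is consulted.
        return hash_equals($expected, $mac) && isset($tokens[hash('sha256', $nonce)]);
    }

    private function notification(int $now, string $ip, string $ua, string $revoke_url): string {
        return "Your account was accessed from a new device:\n"
             . 'time: ' . gmdate('Y-m-d H:i:s', $now) . " UTC\n"
             . "IP address: $ip\nbrowser: $ua\n"
             . "If this was you, ignore this message. If not: $revoke_url\n";
    }
}

// Usage with constructed inputs (not real traffic).
$kd  = new known_device('site-secret-from-config');
$url = 'https://example.invalid/mfa/revoke';
$ua  = 'Mozilla/5.0 (X11; Linux)';
$first  = $kd->after_login(42, '203.0.113.7', $ua, null, 1_700_000_000, $url);
// $first['is_new'] is true: unknown IP, no cookie; a cookie and a notification are produced.
$second = $kd->after_login(42, '198.51.100.9', $ua, $first['cookie'], 1_700_000_100, $url);
// $second['is_new'] is false: the signed cookie is recognised although the IP changed.
$kd->revoke_all(42);
$third  = $kd->after_login(42, '192.0.2.55', $ua, $first['cookie'], 1_700_000_200, $url);
// $third['is_new'] is true: the old cookie was revoked and this IP was never seen.
```

The cookie carries only a user id, a random nonce and an HMAC; the server keeps the SHA-256 of the nonce with an expiry, so a dump of the preference table does not yield usable cookies, and revoking clears the whole list. Whether a recognised device should lower the points required from other factors is the "factor reliance" question left open in the proposal above; this example only reports is_new and leaves that policy to the caller.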

Peterburnett commented 2 years ago

Above proposal continued in #48