Whitelist IP

[adrianmihalko]

Is there any way to whitelist an IP (do not ask for authentication)? I am using Google authentication with JWT to login, but I want to whitelist certain IPs, so they do not need to login.

[magikstm]

This feature isn't available in loginsrv at the moment and hasn't been discussed before.

If it would be considered, it could maybe be implemented as the ipfilter plugin: ip: A sequence of IP adddresses or CIDR ranges to match. For example, ip 1.2.3.4 192.168.0.0/24 This is optional. It can be used more than once in each ipfilter block rather than enumerating all IPs after a single ip directive.

Ref: https://github.com/pyed/ipfilter

Note: I tried using the ipfilter plugin above with loginsrv in Caddy and it couldn't be used to whitelist IPs for loginsrv.

[smancke]

Hi @adrianmihalko, since loginsrv is only creating the token an not doing the access restriction, you need to implement your IP whitelist somewhere else (e.g. caddy jwt).