Make apps only work at one physical location (IP Address)

I use the following technique to offer some minimal access control over where users can log into applications. I do this for clients who want their app to work only at a particular office location, for example.

The ‘admin’ code allows an admin user to set the IP address at which the app can run (they just click the ‘setip’ link when logged into that network, at the office, for example). The ‘client’ example code checks to see if the app is running at that IP address. In production, I implement a few more steps, including user login, as well as a password login option for admin functions, separating admin apps entirely from client apps, etc., but hopefully this is useful to someone as a simple addition to user login.

You’ll see there’s also some optional example uplink code in the admin server module which you can copy and run on any machine, to set allowable IP address(es).

This isn’t meant to provide secure access for critical apps, but has been useful as a simple additional first line of defense and deterrent to, for example, keep former employees from easily logging into an Anvil app at home after leaving a job, and also to help with IP logging, etc.