How to Inject AJAX in Middleware and fecth REAL Ip public address
Hi guys, I have a problem with my App. I have a public Ip that can be obtained only via JS. If it try to get it via Laravel, than the load balancer and proxy "changes" all my clients IPs. My objective is to let people avoid authentication based on a specific range of Ips. Since I can't get actual Ip from Back-end, I was thinking to send the iP in a request using AJAX and then bring it back to the middleware to check if the Ip is in range. Does anyone have a suggestion for this?
The user lands on a login route, and you can send them a view which includes the JS to return the client IP. You can then validate this and automatically log the user in.
I doubt that this will work though since
a) the IP that the client sees is their internal IP, not their internet IP
b) the IP that you receive from the Internet, assuming your own proxy forwards it, could be shared by many people (at an office) or dynamic if they are connecting via a mobile network.
All in all, IP is a very poor indicator of unique identity
@Snapey Thanks for your reply! So, the thing is the the App has some "common section" that shouldn't require the authentication, but still, the client wants me to block all the requests that are not coming from internal IPs (I mean, If I am inside the office connected in LAN, I want to see the common part of the application, but I am accessing the app from outdoor or from my home, I want to be sure you're an employ and make you authenticate).
