Security. How to restrict login to users by IP, port or domain

The task is to restrict access to a certain group of users login to the site by domain or IP. 

To do this, we use the procedure & nbsp;falcon_afterLogin in it, in @parameters, there are parameters domain, userIp, userPort. The procedure is performed after entering the correct username and password on the login page (but before authorization). 

Based on them, we decide whether the user has access and return the correct access (Result 0 or 1).

ALTER PROCEDURE [dbo].[falcon_afterLogin]
	@parameters ExtendedDictionaryParameter READONLY,  -- userGuid, langID, domain, userIP, userPort
	@username nvarchar(32)
AS
BEGIN
	declare @port int
	select @port = try_cast(value as int) from @parameters where [key]='userPort'
	-- here you can also check for belonging to a specific role
	-- for example, let admins only from certain IP or ports

	if(@port=12344) begin
		select 1 Result, '' Msg, '/' redirectUrl
	end else begin
		select 0 Result, 'No access' Msg, '' redirectUrl
	end

  -- SELECT 2 Outer commands
  select '' type
END

Similarly, you can restrict access to some critical tables or forms (they also have the @parameters parameter with similar elements). 

Falcon Space is a functional web development platform on a narrow stack MS SQL/Bootstrap. Falcon Space Gettting started
{sp-shortDemostandLinks}

Falcon Space Platform

This is a reduction in the cost of ownership

at the expense of fewer people to support

This is a quick change

while using the program

This is a modern interface

full adaptation for mobile devices

Note