Overview
Casdoor supports the ip whitelist function of the entry page. When a user accesses the entry page (login/signup/forget-password), Casdoor will decide whether to allow the user to access the entry page based on whether the client IP is in the whitelist. Here, we will show you how to enable the option to specify the ip whitelist function of the entry page at the user, application and organization levels.
Configuration
User Level
Casdoor will first determine whether the client address meets the user-level ip whitelist requirements.
If you want to specify user-level ip whitelist, you first need to add the "IP whitelist" account item on the edit page of the organization to which the user belongs. Then specify your ip whitelist by filling in the comma separated CIDR list, such as 192.168.1.0/24,25.112.0.0/16. If the ip whitelist is empty, it means there is no restriction on the client IP address.
If you forget how to customize users' account items, Please refer to the Account Customization
Application Level
If the client IP address passes the user-level check, Casdoor will proceed to perform application-level check. You can specify the ip whitelist through the IP whitelist configuration option on the application edit page.
Organization Level
Organization-level check will be performed last. You can use the IP whitelist configuration option on the organization edit page to specify organization-level ip whitelist.
Here is a demo video that shows how to use ip whitelist: