Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auto-detect IP? #33

Open
zymergen-vdc opened this issue Aug 11, 2019 · 1 comment
Open

auto-detect IP? #33

zymergen-vdc opened this issue Aug 11, 2019 · 1 comment

Comments

@zymergen-vdc
Copy link

zymergen-vdc commented Aug 11, 2019
edited

I noticed the addition and then removal of being able to pass the IP as a parameter. I'd prefer if there was auto-detection of the IP. Seems preferable to adhere to the same process that the OneLogin GUI does. That is, the requirement of using MFA should be dependent on your source IP. If that IP falls into a whitelisted IP then you don't need MFA. Otherwise, you need MFA. For an end-user to be able to arbitrarily edit the source IP and bypass MFA seems like a faulty security model. Just detect it and let the already-defined rules apply.
@pitbulk
Copy link
Contributor

pitbulk commented Aug 12, 2019

The setting file and the python script itself should not be editable by an end-user.

I will consider adding the auto-detection piece of code and add a flag to activate or not this feature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pitbulk @zymergen-vdc