IP Based Restriction only for Checkin and Checkout

Hi everyone, i know about the IP based restriction for login into the ERPNext. But I have a requirement where this restriction need to be only for Check-in and Checkout So that Employee can login into the system from different IP and apply for leave/download salary slip etc., but should not able to do check-in.

Can anyone have solution for that?
Thanks in Advance

Hi,

You can restrict the IP’s from User settings as shown in attached screenshot.

Thanks for the reply, i knew about that but my use-case is like, user should allowed to login from any IP but they should able to do check-in and checkout for specified IP

Hi @Jignasa_Chavda:

Is far I know there is no option “out of the box” … but …

  1. Customize your employee docytpe. Add a field, named “allowed_checkin_ip”.

  2. Create a server script for your “Employee CheckIn” doctype, event type for “Before insert”

if frappe.request.headers.get('X-Forwarded-For'):
    ip_address = frappe.request.headers.get('X-Forwarded-For').split(',')[0]
else:
    ip_address = frappe.request.remote_addr

allowed_ip = frappe.db.get_value("Employee", doc.employee, "custom_allowed_checkin_ip")

if ip_address != allowed_ip:
    frappe.throw("IP address not allowed")

Hope this helps.