Hi everyone, i know about the IP based restriction for login into the ERPNext. But I have a requirement where this restriction need to be only for Check-in and Checkout So that Employee can login into the system from different IP and apply for leave/download salary slip etc., but should not able to do check-in.
Can anyone have solution for that?
Thanks in Advance
Thanks for the reply, i knew about that but my use-case is like, user should allowed to login from any IP but they should able to do check-in and checkout for specified IP
Hi @Jignasa_Chavda:
Is far I know there is no option “out of the box” … but …
Customize your employee docytpe. Add a field, named “allowed_checkin_ip”.
Create a server script for your “Employee CheckIn” doctype, event type for “Before insert”
if frappe.request.headers.get('X-Forwarded-For'):
ip_address = frappe.request.headers.get('X-Forwarded-For').split(',')[0]
else:
ip_address = frappe.request.remote_addr
allowed_ip = frappe.db.get_value("Employee", doc.employee, "custom_allowed_checkin_ip")
if ip_address != allowed_ip:
frappe.throw("IP address not allowed")
Hope this helps.
# Get the client's IP from Cloudflare headers, if available
if frappe.request.headers.get('CF-Connecting-IP'):
ip_address = frappe.request.headers.get('CF-Connecting-IP')
elif frappe.request.headers.get('X-Forwarded-For'):
ip_address = frappe.request.headers.get('X-Forwarded-For').split(',')[0]
else:
ip_address = frappe.request.remote_addr
# Fetch the allowed IPs for the employee as a comma-separated list
allowed_ips = frappe.db.get_value("Employee", doc.employee, "custom_allowed_checkin_ip")
# Convert the list of allowed IPs into an array and strip whitespace
allowed_ips_list = [ip.strip() for ip in allowed_ips.split(',') if ip.strip()]
# Check if the current IP is in the list of allowed IPs
if ip_address not in allowed_ips_list:
frappe.throw("IP address not allowed for check-in.")