Make sure to validate the client's IP address

Bolke de Bruin
2020-07-25 21:00:58 +02:00
parent 5fc75ef877
commit 0b299619ff
6 changed files with 70 additions and 10 deletions

@@ -25,7 +25,7 @@ Connect integration enabled by default. Cookies are encrypted and signed on the
on [Gorilla Sessions](https://www.gorillatoolkit.org/pkg/sessions). PAA tokens (gateway access tokens)
are generated and signed according to the JWT spec by using [jwt-go](https://github.com/dgrijalva/jwt-go)
signed with a 512 bit HMAC. Hosts provided by the user are verified against what was provided by
the server.
the server. Finally, the client's ip address needs to match the one it obtained the token with.
## How to build
```bash
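
Review bot: The added README sentence ("the client's ip address needs to match the one it obtained the token with") does not say which address is compared. When the gateway runs behind a reverse proxy or load balancer, the TCP peer address and any forwarded-for header differ, and a forwarded header is only trustworthy if it comes from a known proxy, so the README should state which source is used and whether it is configurable. It should also mention the operational consequence: a client whose address changes between obtaining the token and connecting (roaming, NAT pool rotation, IPv4/IPv6 fallback) will be rejected. Nit: write "IP" in capitals, and keep a blank line between the paragraph and the "## How to build" heading so the heading renders reliably.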