Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This project is not covered by Drupal’s security advisory policy.
There is an open security issue: Security: Bypassing the IP authentication is easy?
Drupal 8 custom Authentication Provider using an IP Consumer White List.
This idea is to enable anonymous user access to Drupal 8 REST Resources using IP addresses as the validation method.
This module enables a UI to add a white list of IP consumers.
The module was generated using Drupal Console.
Usage:
Using the contrib module REST UI (I recommend using the git version, until its first Drupal 8 release), you can enable REST Resources using the Authentication Provider ip_consumer_auth.
Remember to enable the specific permissions for the REST Resource to anonymous user, as you can see in the following image:
If you are interested in creating your own Drupal 8 Authentication Provider, you can read the blog entry How to create an Authentication Provider in Drupal 8.
If you are interested in contributing, please create a PR in GitHub https://github.com/enzolutions/ip_consumer_auth
Supporting organizations:
Developed
| Attachment | Size |
|---|---|
| rest_anonymous_permission.png | 36.4 KB |
Project information
- Module categories: Access Control
47 sites report using this module- Created by -enzo- on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
Releases
2.0.0-alpha1
released 5 June 2023
Works with Drupal: ^8 || ^9 || ^10
✓ Recommended by the project’s maintainer.
Install:
