πŸ“ IP Validation in Better-Auth

Easily validate IPs in Better-Auth with the Dymo API.

A better, simpler way to validate IPs with Dymo API in a single line of code!

About IP Validation

What is IP Validation?

Please note that this feature may depend on plugins to function correctly.
This feature is currently in the experimental phase and may fail until it reaches the stable version.

Usage

To start validating IPs registered in your project with Better-Auth, simply add this code to your plugin array.

import { dymoIPPlugin } from "@dymo-api/better-auth";

export const auth = betterAuth({
    plugins: [
	    dymoIPPlugin({ 
            apiKey: ""
        })
    ]
});

If you wish, you can set any value in the IP rules, customize them to your liking!

import { dymoIPPlugin } from "@dymo-api/better-auth";

export const auth = betterAuth({
    plugins: [
	    dymoIPPlugin({ 
            apiKey: "",
            ipRules: {
                // These are the default rules defined for IP validation.
                deny: ["FRAUD", "INVALID", "TOR_NETWORK"]
            },
            // You can disable IP normalization.
            // normalize: false
        })
    ]
});

Optional Flags

The plugin provides two optional flags:

  • applyToLogin (default: false): Apply validation to login endpoints (/sign-in/email). We recommend enabling this to prevent blocked IPs from logging in.
  • applyToOAuth (default: true): Apply validation to OAuth logins and registrations (/sign-up/oauth and /sign-in/oauth). Enabled by default.
  • normalize (default: true): Normalize IPs. Enabled by default.

Examples with Flags

Enable login validation

import { dymoIPPlugin } from "@dymo-api/better-auth";

export const auth = betterAuth({
    plugins: [
	    dymoIPPlugin({ 
            apiKey: "",
            applyToLogin: true  // recommended
        })
    ]
});

Enable login and OAuth validation with custom rules

import { dymoIPPlugin } from "@dymo-api/better-auth";

export const auth = betterAuth({
    plugins: [
	    dymoIPPlugin({ 
            apiKey: "",
            applyToLogin: true,   // validate login IPs
            applyToOAuth: true,   // validate OAuth IPs
            ipRules: {
                deny: ["FRAUD", "INVALID", "TOR_NETWORKS"]
            }
        })
    ]
});

IP Rules

RuleDefaultPremiumDescription
FRAUDβœ…βŒFraud detection
INVALIDβœ…βŒInvalid IP format
TOR_NETWORKβœ…βœ…Tor network detection
COUNTRY:<COUNTRY_CODE>❌❌Block an IP based on its country; you must use ISO 3166-1 alpha-2.
HIGH_RISK_SCOREβŒβœ…High risk score detection

Parameters

ParameterTypeRequiredDescription
apiKeyStringβœ…Your Dymo API key to validate IPs
ipRulesIP Rules[]❌Customize which IP rules to apply
applyToLoginBoolean❌Apply validation to login endpoints
applyToOAuthBoolean❌Apply validation to OAuth login/register
normalizeBoolean❌Normalize IPs