
Class SuspiciousSessionSettings

Namespace: KadicAuth.Application.Common
Assembly: KadicAuth.Application.dll

Configures suspicious session detection (GAP-15). A session is flagged as suspicious when the incoming request's IP address differs from the IP recorded at login time. Mapped from the "SuspiciousSession" section in appsettings.

public sealed class SuspiciousSessionSettings
Inheritance: object → SuspiciousSessionSettings

Fields

SectionName

public const string SectionName = "SuspiciousSession"

Field Value

string

Properties

CheckUserAgent

When true, a change in the User-Agent header (in addition to IP) is also considered suspicious. IP changes are always checked. Default: false — User-Agent can legitimately change (browser updates, OS updates).

public bool CheckUserAgent { get; set; }

Property Value

bool

RevokeOnDetection

When true, suspicious sessions are revoked and the request is rejected with 401. When false, the mismatch is only logged (warn-only mode). Default: false — start in warn-only so existing sessions are not disrupted on deploy.

public bool RevokeOnDetection { get; set; }

Property Value

bool
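
How the two properties combine into a per-request decision, as an added example that is not KadicAuth's own code. `SessionVerdict`, `SuspiciousSessionCheck`, `Evaluate` and the IPv4-mapped normalization are assumptions made for illustration, the settings class is a local stand-in with the documented properties, and all addresses and User-Agent strings are constructed.

```csharp
using System;
using System.Net;

// Local stand-in with the documented members; the real class lives in KadicAuth.Application.Common.
public sealed class SuspiciousSessionSettings
{
    public const string SectionName = "SuspiciousSession";
    public bool CheckUserAgent { get; set; }      // documented default: false
    public bool RevokeOnDetection { get; set; }   // documented default: false (warn-only)
}

public enum SessionVerdict { Ok, LogOnly, RevokeAndReject401 }   // hypothetical

public static class SuspiciousSessionCheck                        // hypothetical
{
    // Assumption: treat ::ffff:a.b.c.d and a.b.c.d as the same client address,
    // so a dual-stack listener does not flag every IPv4 session as changed.
    private static IPAddress Normalize(string ip)
    {
        var addr = IPAddress.Parse(ip);
        return addr.IsIPv4MappedToIPv6 ? addr.MapToIPv4() : addr;
    }

    public static SessionVerdict Evaluate(SuspiciousSessionSettings s,
        string loginIp, string requestIp, string loginUa, string requestUa)
    {
        // IP is always compared; User-Agent only when CheckUserAgent is true.
        bool ipChanged = !Normalize(loginIp).Equals(Normalize(requestIp));
        bool uaChanged = s.CheckUserAgent &&
            !string.Equals(loginUa, requestUa, StringComparison.Ordinal);
        if (!ipChanged && !uaChanged) return SessionVerdict.Ok;
        // Warn-only unless RevokeOnDetection is enabled.
        return s.RevokeOnDetection ? SessionVerdict.RevokeAndReject401 : SessionVerdict.LogOnly;
    }
}

public static class Program
{
    public static void Main()
    {
        var warnOnly = new SuspiciousSessionSettings();   // both defaults
        var strict = new SuspiciousSessionSettings { CheckUserAgent = true, RevokeOnDetection = true };
        // IP changed, warn-only mode.
        Console.WriteLine(SuspiciousSessionCheck.Evaluate(warnOnly, "203.0.113.5", "198.51.100.7", "UA/1", "UA/1"));
        // Same IP in IPv4-mapped form; User-Agent differs but is not checked.
        Console.WriteLine(SuspiciousSessionCheck.Evaluate(warnOnly, "203.0.113.5", "::ffff:203.0.113.5", "UA/1", "UA/2"));
        // Same IP, User-Agent differs, both flags enabled.
        Console.WriteLine(SuspiciousSessionCheck.Evaluate(strict, "203.0.113.5", "203.0.113.5", "UA/1", "UA/2"));
    }
}
```

Running in warn-only mode first and reviewing how often `LogOnly` fires for legitimate users (mobile networks, VPN reconnects) gives a baseline before enabling `RevokeOnDetection`.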