The company I work with wishes to deploy ERPNext but as part of the requirements we would require that the site is only accessible from selected devices, that is we would prefer the site to only be accessible to devices resident in any of our stores/offices and some selected mobile devices
I have considered the following ideas
The Use of IP Addresses: This involves setting the Nginx to restrict access to certain IPs , but Given that their internet service provider does not operate using a static IP address, the IP address can be changed at any point which will entail frequent modification of Nginx settings
Using Mac Address: This way only Mac addresses from trusted devices are allowed to access the site, but since ERPNext is mainly browser-based we would have to force each device to transmit Mac address and block all unrecognized Mac Addresses, I am not entirely sure if Nginx supports Mac address filtering, but Nonetheless this is a less reliable technique given that Mac addresses can be spoofed.
Has anyone implemented this sort of structure previously?
Any ideas or suggestions would be greatly appreciated.