DEV Community


Posted on • Updated on

Simple way to do device fingerprinting

Device fingerprint is a unique identifier for a specific device the most common uses for it are fraud detection and user validation.

There is no clear way to get this unique identifier instead, we will try to generate a string out of some information collected from the user.

Fingerprinting can be on the client-side (browser) or on the backend, we will do the backend way because it doesn't limit us by the user device or the features enabled on it.

You can use a lot of parameters to generate this identifier, in my case I'm trying to detect if the user is trying to log in from a different device or browser to the same account, for this simple case I will use a combination of IP address, user agent and params(credentials + CSRF token)

You can add more parameters to this combination like cookies or other headers.

I used here md5 as a hashing algorithm to generate the fingerprint but you can use a different one.

const md5 = require('crypto-js/md5')
const requestIp = require('request-ip');

const ip = requestIp.getClientIp(req);
const useragent = req.headers['user-agent'];
const params = request.body;
const fingerprint = md5(ip + useragent + JSON.stringify(params)).toString();
Enter fullscreen mode Exit fullscreen mode

Top comments (0)