# `PhoenixKit.Migrations.Postgres.V23`
[🔗](https://github.com/BeamLabEU/phoenix_kit/blob/v1.7.165/lib/phoenix_kit/migrations/postgres/v23.ex#L1)

PhoenixKit V23 Migration: Session Fingerprinting

This migration adds session fingerprinting capabilities to prevent session hijacking attacks.
It adds IP address and user agent tracking to session tokens, allowing the system to
detect when a session token is used from a different location or device.

## Changes

### Session Security Enhancements
- Adds ip_address field to phoenix_kit_users_tokens table for IP-based verification
- Adds user_agent_hash field to phoenix_kit_users_tokens table for device verification
- Session tokens can now be verified against the original connection fingerprint
- Prevents session hijacking by detecting suspicious session usage patterns

## Security Features
- IP address tracking: Detects when session is used from different IP
- User agent hashing: Detects when session is used from different browser/device
- Backward compatible: Existing sessions without fingerprints remain valid
- Configurable strictness: Can log warnings or force re-authentication

## PostgreSQL Support
- Supports PostgreSQL prefix for schema isolation
- Optimized indexes for fingerprint lookups

# `down`

Rollback the V23 session fingerprinting migration.

# `up`

Run the V23 session fingerprinting migration.

---

*Consult [api-reference.md](api-reference.md) for complete listing*