diff --git a/DysonNetwork.Pass/Auth/AuthServiceGrpc.cs b/DysonNetwork.Pass/Auth/AuthServiceGrpc.cs
index 3fb1ffe..db90599 100644
--- a/DysonNetwork.Pass/Auth/AuthServiceGrpc.cs
+++ b/DysonNetwork.Pass/Auth/AuthServiceGrpc.cs
@@ -1,9 +1,5 @@
-using DysonNetwork.Pass.Wallet;
-using DysonNetwork.Shared.Cache;
 using DysonNetwork.Shared.Proto;
 using Grpc.Core;
-using Microsoft.EntityFrameworkCore;
-using NodaTime;
 
 namespace DysonNetwork.Pass.Auth;
 
@@ -18,7 +14,7 @@ public class AuthServiceGrpc(
         ServerCallContext context
     )
     {
-        var (valid, session, message) = await token.AuthenticateTokenAsync(request.Token);
+        var (valid, session, message) = await token.AuthenticateTokenAsync(request.Token, request.IpAddress);
         if (!valid || session is null)
             return new AuthenticateResponse { Valid = false, Message = message ?? "Authentication failed." };
 
diff --git a/DysonNetwork.Shared/Auth/AuthScheme.cs b/DysonNetwork.Shared/Auth/AuthScheme.cs
index e72defc..5ac25fe 100644
--- a/DysonNetwork.Shared/Auth/AuthScheme.cs
+++ b/DysonNetwork.Shared/Auth/AuthScheme.cs
@@ -33,7 +33,10 @@ public class DysonTokenAuthHandler(
             AuthSession session;
             try
             {
-                session = await ValidateToken(tokenInfo.Token);
+                session = await ValidateToken(
+                    tokenInfo.Token,
+                    Request.HttpContext.Connection.RemoteIpAddress?.ToString()
+                );
             }
             catch (InvalidOperationException ex)
             {
@@ -78,12 +81,15 @@ public class DysonTokenAuthHandler(
         }
     }
 
-    private async Task<AuthSession> ValidateToken(string token)
+    private async Task<AuthSession> ValidateToken(string token, string? ipAddress)
     {
-        var resp = await auth.AuthenticateAsync(new AuthenticateRequest { Token = token });
+        var resp = await auth.AuthenticateAsync(new AuthenticateRequest
+        {
+            Token = token,
+            IpAddress = ipAddress
+        });
         if (!resp.Valid) throw new InvalidOperationException(resp.Message);
-        if (resp.Session == null) throw new InvalidOperationException("Session not found.");
-        return resp.Session;
+        return resp.Session ?? throw new InvalidOperationException("Session not found.");
     }
 
     private static byte[] Base64UrlDecode(string base64Url)
diff --git a/DysonNetwork.Shared/Proto/auth.proto b/DysonNetwork.Shared/Proto/auth.proto
index 74f3a6c..8cb5f3b 100644
--- a/DysonNetwork.Shared/Proto/auth.proto
+++ b/DysonNetwork.Shared/Proto/auth.proto
@@ -70,6 +70,7 @@ service AuthService {
 
 message AuthenticateRequest {
   string token = 1;
+  optional google.protobuf.StringValue ip_address = 2;
 }
 
 message AuthenticateResponse {