Getting the IP address for the user can be done with some java code, see this post answer: https://community.mendix.com/link/space/java-actions/questions/127641
Make sure that the login is done with the help of a nanoflow that calls a microflow that can perform the IP address retrieval and then implement the logic.
Or implement the logic in the role based homepage microflow (navigation) and if the IP address is not in the whitelist in your application then log the user out with the help of a sign out activity.
I'd prefer the first method, but the second is maybe easier to implement.
Please check below also.
Mendix Community - Question Details
Mendix Community - Question Details
Mendix Community - Question Details