Ip whitelist based on authentication?

Is it possible to get some sort of authentication that upon authentication adds the ip of the user to ip whitelist for a specified period of time? This would be a good way to add a security layer to some services shared to friends, for example jellyfin

Sure, you can implement everything you like with Traefik plugins.

If you don’t like to implement in go, you could dynamically create and update middleware whitelist config as file or as http api or store it in consul, etcd or redis (providers doc).