I ran into problems with networks which send out traffic from a different source IP for each request, and it was causing problems with tornadio2's same-IP session checking.
I introduced the setting verify_remote_ip to disable that checking. If set to True (the default), the checking will happen. If False, the check will be bypassed. I defaulted it to True as disabling the check makes session spoofing easier.
Added verify_remote_ip option so that same-IP session checking can be…
… disabled if required