Put back password for pki login

2025-07-21 18:26:06 +02:00 · 2015-02-23 11:53:23 +02:00 · 2015-02-23 11:53:23 +02:00 · 00ecdba699
commit 00ecdba699
parent fe67c51436
3 changed files with 12 additions and 16 deletions
--- a/app/api/repp/api.rb
+++ b/app/api/repp/api.rb
@ -3,18 +3,8 @@ module Repp
    format :json
    prefix :repp

-    before do
-      auth_param = request.headers['Authorization'].split(' ', 2).second
-      username, password = ::Base64.decode64(auth_param || '').split(':', 2)
-
-      # allow user lookup only by username if request came from webclient
-      if request.ip == APP_CONFIG['webclient_ip'] && password.blank?
-        login_params = { username: username }
-      else
-        login_params = { username: username, password: password }
-      end
-
-      @current_user ||= ApiUser.find_by(login_params)
+    http_basic do |username, password|
+      @current_user ||= ApiUser.find_by(username: username, password: password)
    end

    helpers do
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@ -9,10 +9,7 @@ class Epp::SessionsController < EppController
  # rubocop: disable Metrics/CyclomaticComplexity
  def login
    cert_valid = true
-    # Allow login with only username
-    if request.ip == APP_CONFIG['webclient_ip'] && login_params[:password].nil?
-      @api_user = ApiUser.find_by(username: login_params[:username])
-    elsif request.ip == APP_CONFIG['webclient_ip']
+    if request.ip == APP_CONFIG['webclient_ip']
      @api_user = ApiUser.find_by(login_params)
    else
      if request.env['HTTP_SSL_CLIENT_S_DN_CN'] != login_params[:username]