change key token

2025-06-02 02:38:35 +02:00 · 2021-09-09 11:07:23 +03:00 · 2021-09-09 11:07:23 +03:00 · 11b7a13cf3
commit 11b7a13cf3
parent 62ce5ff561
4 changed files with 7 additions and 14 deletions
--- a/app/controllers/api/v1/accreditation_center/base_controller.rb
+++ b/app/controllers/api/v1/accreditation_center/base_controller.rb
@ -4,8 +4,6 @@ module Api
  module V1
    module AccreditationCenter
      class BaseController < ActionController::API
-        # before_action :check_ip_whitelist
-
        rescue_from ActiveRecord::RecordNotFound, with: :show_not_found_error
        rescue_from ActiveRecord::RecordInvalid, with: :show_invalid_record_error
        rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
@ -17,13 +15,6 @@ module Api

        private

-        # def check_ip_whitelist
-        #   allowed_ips = ENV['accr_center_api_auth_allowed_ips'].to_s.split(',').map(&:strip)
-        #   return if allowed_ips.include?(request.ip) || Rails.env.development? || Rails.env.staging?
-
-        #   render json: { errors: [{ base: ['Not authorized'] }] }, status: :unauthorized
-        # end
-
        def show_not_found_error
          render json: { errors: [{ base: ['Not found'] }] }, status: :not_found
        end
--- a/app/controllers/repp/v1/base_controller.rb
+++ b/app/controllers/repp/v1/base_controller.rb
@ -117,14 +117,12 @@ module Repp
        return if Rails.env.test?

        header  = request.headers['AccreditationToken']
-        return if header == 'TEMPORARY_SECRET_KEY'
+        return if header == ENV['accreditation_secret']

        ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
      end

      def validate_webclient_ca
-        
-
        return unless webclient_request?

        request_name = request.env['HTTP_SSL_CLIENT_S_DN_CN']
@ -136,6 +134,10 @@ module Repp

        render(json: @response, status: :unauthorized)
      end
+
+      def logger
+        Rails.logger
+      end
    end
  end
 end
--- a/app/controllers/repp/v1/registrar/accreditation_results_controller.rb
+++ b/app/controllers/repp/v1/registrar/accreditation_results_controller.rb
@ -4,7 +4,7 @@ module Repp
      class AccreditationResultsController < ActionController::API
        before_action :authenticate_shared_key

-        TEMPORARY_SECRET_KEY = 'temporary-secret-key'.freeze
+        TEMPORARY_SECRET_KEY = ENV['accreditation_secret'].freeze

        api :POST, 'repp/v1/registrar/accreditation/push_results'
        desc 'added datetime results'
--- a/test/integration/repp/v1/registrar/accreditation_results_test.rb
+++ b/test/integration/repp/v1/registrar/accreditation_results_test.rb
@ -1,7 +1,7 @@
 require 'test_helper'

 class ReppV1AccreditationResultsTest < ActionDispatch::IntegrationTest
-  TEMPORARY_SECRET_KEY = 'temporary-secret-key'.freeze
+  TEMPORARY_SECRET_KEY = ENV['accreditation_secret'].freeze

  def setup
    @user = users(:api_bestnames)