zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-04 03:37:28 +02:00
Code Issues Projects Releases Packages Wiki Activity

change key token

Browse source
This commit is contained in:
olegphenomenon 2021-09-09 11:07:23 +03:00
parent 62ce5ff561
commit 11b7a13cf3
4 changed files with 7 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

9
app/controllers/api/v1/accreditation_center/base_controller.rb
View file

@ -4,8 +4,6 @@ module Api
module V1 module V1
module AccreditationCenter module AccreditationCenter
class BaseController < ActionController::API class BaseController < ActionController::API
# before_action :check_ip_whitelist
rescue_from ActiveRecord::RecordNotFound, with: :show_not_found_error rescue_from ActiveRecord::RecordNotFound, with: :show_not_found_error
rescue_from ActiveRecord::RecordInvalid, with: :show_invalid_record_error rescue_from ActiveRecord::RecordInvalid, with: :show_invalid_record_error
rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception| rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
@ -17,13 +15,6 @@ module Api
private private
# def check_ip_whitelist
# allowed_ips = ENV['accr_center_api_auth_allowed_ips'].to_s.split(',').map(&:strip)
# return if allowed_ips.include?(request.ip) || Rails.env.development? || Rails.env.staging?
# render json: { errors: [{ base: ['Not authorized'] }] }, status: :unauthorized
# end
def show_not_found_error def show_not_found_error
render json: { errors: [{ base: ['Not found'] }] }, status: :not_found render json: { errors: [{ base: ['Not found'] }] }, status: :not_found
end end

8
app/controllers/repp/v1/base_controller.rb
View file

@ -117,14 +117,12 @@ module Repp
return if Rails.env.test? return if Rails.env.test?
header = request.headers['AccreditationToken'] header = request.headers['AccreditationToken']
return if header == 'TEMPORARY_SECRET_KEY' return if header == ENV['accreditation_secret']
ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip) ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
end end
def validate_webclient_ca def validate_webclient_ca
return unless webclient_request? return unless webclient_request?
request_name = request.env['HTTP_SSL_CLIENT_S_DN_CN'] request_name = request.env['HTTP_SSL_CLIENT_S_DN_CN']
@ -136,6 +134,10 @@ module Repp
render(json: @response, status: :unauthorized) render(json: @response, status: :unauthorized)
end end
def logger
Rails.logger
end
end end
end end
end end

2
app/controllers/repp/v1/registrar/accreditation_results_controller.rb
View file

@ -4,7 +4,7 @@ module Repp
class AccreditationResultsController < ActionController::API class AccreditationResultsController < ActionController::API
before_action :authenticate_shared_key before_action :authenticate_shared_key
TEMPORARY_SECRET_KEY = 'temporary-secret-key'.freeze TEMPORARY_SECRET_KEY = ENV['accreditation_secret'].freeze
api :POST, 'repp/v1/registrar/accreditation/push_results' api :POST, 'repp/v1/registrar/accreditation/push_results'
desc 'added datetime results' desc 'added datetime results'

2
test/integration/repp/v1/registrar/accreditation_results_test.rb
View file

@ -1,7 +1,7 @@
require 'test_helper' require 'test_helper'
class ReppV1AccreditationResultsTest < ActionDispatch::IntegrationTest class ReppV1AccreditationResultsTest < ActionDispatch::IntegrationTest
TEMPORARY_SECRET_KEY = 'temporary-secret-key'.freeze TEMPORARY_SECRET_KEY = ENV['accreditation_secret'].freeze
def setup def setup
@user = users(:api_bestnames) @user = users(:api_bestnames)