Merge branch 'master' of github.com:domify/registry

2025-07-25 12:08:27 +02:00 · 2015-05-20 21:00:03 +03:00 · 2015-05-20 21:00:03 +03:00 · 17bf5c373e
commit 17bf5c373e
parent 84cd0b8378 6a63c258f6
9 changed files with 30 additions and 11 deletions
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@ -18,7 +18,7 @@ class Epp::SessionsController < EppController
      @api_user = ApiUser.find_by(login_params)
    end

-    if @api_user.try(:active) && cert_valid && ip_white?
+    if @api_user.try(:active) && cert_valid && ip_white? && connection_limit_ok?
      if parsed_frame.css('newPW').first
        unless @api_user.update(password: parsed_frame.css('newPW').first.text)
          response.headers['X-EPP-Returncode'] = '2200'
@ -27,6 +27,7 @@ class Epp::SessionsController < EppController
      end

      epp_session[:api_user_id] = @api_user.id
+      epp_session.update_column(:registrar_id, @api_user.registrar_id)
      render_epp_response('login_success')
    else
      response.headers['X-EPP-Returncode'] = '2200'
@ -45,12 +46,24 @@ class Epp::SessionsController < EppController
    true
  end

+  def connection_limit_ok?
+    c = EppSession.where(
+      'registrar_id = ? AND updated_at >= ?', @api_user.registrar_id, Time.zone.now - 5.minutes
+    ).count
+
+    if c >= 4
+      @msg = t('connection_limit_reached')
+      return false
+    end
+    true
+  end
+
  # rubocop: enable Metrics/PerceivedComplexity
  # rubocop: enable Metrics/CyclomaticComplexity

  def logout
    @api_user = current_user # cache current_user for logging
-    epp_session[:api_user_id] = nil
+    epp_session.destroy
    response.headers['X-EPP-Returncode'] = '1500'
    render_epp_response('logout')
  end
--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@ -147,7 +147,7 @@ class Registrar::SessionsController < Devise::SessionsController
  def check_ip
    return if Rails.env.development?
    return if WhiteIp.registrar_ip_white?(request.ip)
-    render text: t('ip_is_not_whitelisted') and return
+    render text: t('access_denied') and return
  end

  def role_base_root_url(user)
--- a/app/controllers/registrar_controller.rb
+++ b/app/controllers/registrar_controller.rb
@ -18,7 +18,7 @@ class RegistrarController < ApplicationController
    end
    return if Rails.env.development?
    return if current_user.registrar.registrar_ip_white?(request.ip)
-    flash[:alert] = t('ip_is_not_whitelisted')
+    flash[:alert] = t('access_denied')
    sign_out(current_user)
    redirect_to registrar_login_path and return
  end