zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-19 10:49:39 +02:00
Code Issues Projects Releases Packages Wiki Activity

Allow logging in with only username

Browse source
This commit is contained in:
Martin Lensment 2015-02-19 14:44:42 +02:00
parent 34a1bde3e4
commit 316f9376fe
3 changed files with 15 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

14
app/api/repp/api.rb
View file

@ -3,8 +3,18 @@ module Repp
format :json
prefix :repp
http_basic do |username, password|
@current_user ||= ApiUser.find_by(username: username, password: password)
before do
auth_param = request.headers['Authorization'].split(' ', 2).second
username, password = ::Base64.decode64(auth_param || '').split(':', 2)
# allow user lookup only by username if request came from webclient
if request.ip == APP_CONFIG['webclient_ip'] && password.blank?
login_params = { username: username }
else
login_params = { username: username, password: password }
end
@current_user ||= ApiUser.find_by(login_params)
end
helpers do

4
app/controllers/epp/sessions_controller.rb
View file

@ -4,8 +4,8 @@ class Epp::SessionsController < EppController
end
def login
# pki login
if request.env['HTTP_SSL_CLIENT_S_DN_CN'] == login_params[:username]
# Allow login with only username
if request.ip == APP_CONFIG['webclient_ip'] && login_params[:password].nil?
@api_user = ApiUser.find_by(username: login_params[:username])
else
@api_user = ApiUser.find_by(login_params)

1
config/routes.rb
View file

@ -3,6 +3,7 @@ require 'epp_constraint'
Rails.application.routes.draw do
namespace(:epp, defaults: { format: :xml }) do
match 'session/:action', controller: 'sessions', via: :all
match 'session/pki/:action', controller: 'sessions', via: :all
post 'command/:action', controller: 'domains', constraints: EppConstraint.new(:domain)
post 'command/:action', controller: 'contacts', constraints: EppConstraint.new(:contact)