zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-17 01:47:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

Improve changelog, certificate validation

Browse source
This commit is contained in:
Martin Lensment 2015-02-19 16:11:02 +02:00
parent 316f9376fe
commit 384d0cb962
2 changed files with 46 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

12
app/controllers/epp/sessions_controller.rb
View file

@ -3,15 +3,23 @@ class Epp::SessionsController < EppController
render_epp_response('greeting')
end
# rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity
def login
cert_valid = true
# Allow login with only username
if request.ip == APP_CONFIG['webclient_ip'] && login_params[:password].nil?
@api_user = ApiUser.find_by(username: login_params[:username])
elsif request.ip == APP_CONFIG['webclient_ip']
@api_user = ApiUser.find_by(login_params)
else
if request.env['HTTP_SSL_CLIENT_S_DN_CN'] != login_params[:username]
cert_valid = false
end
@api_user = ApiUser.find_by(login_params)
end
if @api_user.try(:active)
if @api_user.try(:active) && cert_valid
epp_session[:api_user_id] = @api_user.id
render_epp_response('login_success')
else
@ -19,6 +27,8 @@ class Epp::SessionsController < EppController
render_epp_response('login_fail')
end
end
# rubocop: enable Metrics/PerceivedComplexity
# rubocop: enable Metrics/CyclomaticComplexity
def logout
@api_user = current_user # cache current_user for logging