zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-10 14:44:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Prohibit authenticated EPP user from logging in again

Browse source 
Fixes #1313
This commit is contained in:
Artur Beljajev 2019-09-13 17:53:32 +03:00 committed by Alex Sherman
parent 7ba5b3b2ae
commit 3a5779782a
2 changed files with 41 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

14
app/controllers/epp/sessions_controller.rb
View file

@ -88,12 +88,24 @@ module Epp
if success
new_password = params[:parsed_frame].at_css('newPW')&.text
password_change = new_password.present?
if new_password.present?
if password_change
@api_user.plain_text_password = new_password
@api_user.save!
end
already_authenticated = EppSession.exists?(session_id: epp_session_id)
if already_authenticated
epp_errors << {
msg: 'Command use error; Already authenticated',
code: 2002,
}
handle_errors
return
end
epp_session = EppSession.new
epp_session.session_id = epp_session_id
epp_session.user = @api_user