mirror of
https://github.com/internetee/registry.git
synced 2025-07-21 18:26:06 +02:00
Add IP block on authentication via EID
Also, correct the mistakenly used 403 error code. Update application-example.yml to include the new functionality.
parent
8f234a5852
commit
42004f933f
6 changed files with 42 additions and 6 deletions
|
@ -5,6 +5,8 @@ module Api
|
|||
module V1
|
||||
module Registrant
|
||||
class AuthController < ActionController::API
|
||||
before_action :check_ip_whitelist
|
||||
|
||||
rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
|
||||
error = {}
|
||||
error[parameter_missing_exception.param] = ['parameter is required']
|
||||
|
@ -39,6 +41,14 @@ module Api
|
|||
hash = token_creator.token_in_hash
|
||||
hash
|
||||
end
|
||||
|
||||
def check_ip_whitelist
|
||||
allowed_ips = ENV['registrant_api_auth_allowed_ips'].to_s.split(',').map(&:strip)
|
||||
|
||||
unless allowed_ips.include?(request.ip) || Rails.env.development?
|
||||
render json: { error: 'Not authorized' }, status: 401
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
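Review bot: The allow-list in `check_ip_whitelist` compares against `request.ip`, which is Rack's own address resolution and does not consult the application's `config.action_dispatch.trusted_proxies`; if this API sits behind a reverse proxy, the compared value may be the proxy's address or one taken from a forwarded header, so the check can admit or reject the wrong clients. `request.remote_ip` goes through the ActionDispatch::RemoteIp middleware and is the more dependable source for an access decision: `unless allowed_ips.include?(request.remote_ip) || Rails.env.development?`. A refusal based on source address reads better as `status: :forbidden` than 401, since no credential the client could send would change the outcome. The class body continues outside the hunk, so whether the new method sits under `private` is not visible; it should, and a short comment stating that an unset `registrant_api_auth_allowed_ips` rejects every caller would document the fail-closed default.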
|
||||
|
|
|
@ -7,6 +7,13 @@ module Api
|
|||
class BaseController < ActionController::API
|
||||
before_action :authenticate
|
||||
|
||||
rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
|
||||
error = {}
|
||||
error[parameter_missing_exception.param] = ['parameter is required']
|
||||
response = { errors: [error] }
|
||||
render json: response, status: :unprocessable_entity
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def bearer_token
|
||||
|
@ -22,7 +29,7 @@ module Api
|
|||
if decryptor.valid?
|
||||
sign_in decryptor.user
|
||||
else
|
||||
render json: { error: 'Not authorized' }, status: 403
|
||||
render json: { error: 'Not authorized' }, status: 401
|
||||
end
|
||||
end
|
||||
end
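Review bot: The corrected `status: 401` response (presumably inside `authenticate`, whose start is outside the hunk) is sent without a `WWW-Authenticate` header, which HTTP expects on every 401 and which tells the client which scheme to retry with. Since this controller reads a bearer token, add `response.headers['WWW-Authenticate'] = 'Bearer'` before the render. The `rescue_from(ActionController::ParameterMissing)` handler added here repeats the one already present in AuthController; moving it into a shared concern would keep the two error formats from drifting apart.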
|
||||
|
|
|
@ -7,11 +7,11 @@ module Api
|
|||
class DomainsController < BaseController
|
||||
def index
|
||||
registrant = ::Registrant.find_by(ident: current_user.registrant_ident)
|
||||
unless registrant
|
||||
render json: Domain.all
|
||||
else
|
||||
if registrant
|
||||
domains = Domain.where(registrant_id: registrant.id)
|
||||
render json: domains
|
||||
else
|
||||
render json: []
|
||||
end
|
||||
end
|
||||
end
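Review bot: `render json: domains` in the `if registrant` branch serializes each Domain through the model's default `as_json`, so every column of the table is returned to the caller. Which columns exist is not visible on this page, but if any are not meant for registrants, an explicit list is safer, e.g. `render json: domains.as_json(only: PUBLIC_DOMAIN_FIELDS)` (constant name is a placeholder). The `else` branch replaces a response that previously returned `Domain.all` to a user with no registrant record, so it deserves a regression test asserting the empty list, unless one is among the changed files not shown here.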
|
||||
|
|