zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-10 22:54:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add IP block on authentication via EID

Browse source 
Also, correct mistakenly used 403 error code.
Update aplication-example.yml to include new functionality.
This commit is contained in:
Maciej Szlosarczyk 2018-07-24 11:33:51 +03:00
parent 8f234a5852
commit 42004f933f
No known key found for this signature in database
GPG key ID: 41D62D42D3B0D765
6 changed files with 42 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
app/controllers/api/v1/registrant/auth_controller.rb
View file

@ -5,6 +5,8 @@ module Api
module V1
module Registrant
class AuthController < ActionController::API
before_action :check_ip_whitelist
rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
error = {}
error[parameter_missing_exception.param] = ['parameter is required']
@ -39,6 +41,14 @@ module Api
hash = token_creator.token_in_hash
hash
end
def check_ip_whitelist
allowed_ips = ENV['registrant_api_auth_allowed_ips'].to_s.split(',').map(&:strip)
unless allowed_ips.include?(request.ip) || Rails.env.development?
render json: { error: 'Not authorized' }, status: 401
end
end
end
end
end