zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-17 17:59:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add detailed error messages on EPP login #2716

Browse source
This commit is contained in:
Martin Lensment 2015-06-29 11:13:19 +03:00
parent bb5870c30f
commit 533e3bc65c
4 changed files with 33 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

39
app/controllers/epp/sessions_controller.rb
View file

@ -7,17 +7,39 @@ class Epp::SessionsController < EppController
# rubocop: disable Metrics/PerceivedComplexity # rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity # rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/MethodLength
def login def login
cert_valid = true success = true
@api_user = ApiUser.find_by(login_params) @api_user = ApiUser.find_by(login_params)
if request.ip != ENV['webclient_ip'] && @api_user if request.ip != ENV['webclient_ip'] && @api_user
unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN']) unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
cert_valid = false @msg = 'Authentication error; server closing connection (certificate is not valid)'
success = false
end end
end end
if @api_user.try(:active) && cert_valid && ip_white? && connection_limit_ok? if success && !@api_user
@msg = 'Authentication error; server closing connection (API user not found)'
success = false
end
if success && !@api_user.try(:active)
@msg = 'Authentication error; server closing connection (API user is not active)'
success = false
end
if success && !ip_white?
@msg = 'Authentication error; server closing connection (IP is not whitelisted)'
success = false
end
if success && !connection_limit_ok?
@msg = 'Authentication error; server closing connection (connection limit reached)'
success = false
end
if success
if parsed_frame.css('newPW').first if parsed_frame.css('newPW').first
unless @api_user.update(password: parsed_frame.css('newPW').first.text) unless @api_user.update(password: parsed_frame.css('newPW').first.text)
response.headers['X-EPP-Returncode'] = '2200' response.headers['X-EPP-Returncode'] = '2200'
@ -33,14 +55,12 @@ class Epp::SessionsController < EppController
render_epp_response('login_fail') render_epp_response('login_fail')
end end
end end
# rubocop: enable Metrics/MethodLength
def ip_white? def ip_white?
return true if request.ip == ENV['webclient_ip'] return true if request.ip == ENV['webclient_ip']
if @api_user if @api_user
unless @api_user.registrar.api_ip_white?(request.ip) return false unless @api_user.registrar.api_ip_white?(request.ip)
@msg = t('ip_is_not_whitelisted')
return false
end
end end
true true
end end
@ -51,10 +71,7 @@ class Epp::SessionsController < EppController
'registrar_id = ? AND updated_at >= ?', @api_user.registrar_id, Time.zone.now - 5.minutes 'registrar_id = ? AND updated_at >= ?', @api_user.registrar_id, Time.zone.now - 5.minutes
).count ).count
if c >= 4 return false if c >= 4
@msg = t('connection_limit_reached')
return false
end
true true
end end

3
config/locales/en.yml
View file

@ -807,10 +807,8 @@ en:
domain_delete_confirmed_body: 'You have successfully submitted delete confirmation. You will receive registry final confirmation to email.' domain_delete_confirmed_body: 'You have successfully submitted delete confirmation. You will receive registry final confirmation to email.'
domain_delete_rejected_title: 'Domain deletion has been rejected successfully' domain_delete_rejected_title: 'Domain deletion has been rejected successfully'
domain_delete_rejected_body: 'You have rejected domain deletion.' domain_delete_rejected_body: 'You have rejected domain deletion.'
ip_is_not_whitelisted: 'IP is not whitelisted'
no_permission: 'No permission' no_permission: 'No permission'
access_denied: 'Access denied' access_denied: 'Access denied'
connection_limit_reached: 'Connection limit reached'
common_name: 'Common name' common_name: 'Common name'
md5: 'Md5' md5: 'Md5'
interface: 'Interface' interface: 'Interface'
@ -834,3 +832,4 @@ en:
create_bank_statement: 'Create bank statement' create_bank_statement: 'Create bank statement'
create_bank_transaction: 'Create bank transaction' create_bank_transaction: 'Create bank transaction'
create_new_invoice: 'Create new invoice' create_new_invoice: 'Create new invoice'
ip_is_not_whitelisted: 'IP is not whitelisted'

4
spec/epp/session_spec.rb
View file

@ -25,7 +25,7 @@ describe 'EPP Session', epp: true do
it 'does not log in with invalid user' do it 'does not log in with invalid user' do
wrong_user = @epp_xml.session.login(clID: { value: 'wrong-user' }, pw: { value: 'ghyt9e4fu' }) wrong_user = @epp_xml.session.login(clID: { value: 'wrong-user' }, pw: { value: 'ghyt9e4fu' })
response = epp_plain_request(wrong_user) response = epp_plain_request(wrong_user)
response[:msg].should == 'Authentication error; server closing connection' response[:msg].should == 'Authentication error; server closing connection (API user not found)'
response[:result_code].should == '2501' response[:result_code].should == '2501'
response[:clTRID].should == 'ABC-12345' response[:clTRID].should == 'ABC-12345'
end end
@ -36,7 +36,7 @@ describe 'EPP Session', epp: true do
inactive = @epp_xml.session.login(clID: { value: 'inactive-user' }, pw: { value: 'ghyt9e4fu' }) inactive = @epp_xml.session.login(clID: { value: 'inactive-user' }, pw: { value: 'ghyt9e4fu' })
response = epp_plain_request(inactive) response = epp_plain_request(inactive)
response[:msg].should == 'Authentication error; server closing connection' response[:msg].should == 'Authentication error; server closing connection (API user is not active)'
response[:result_code].should == '2501' response[:result_code].should == '2501'
end end

4
spec/features/registrar/sessions_spec.rb
View file

@ -114,7 +114,7 @@ feature 'Sessions', type: :feature do
fill_in 'user_phone', with: '00007' fill_in 'user_phone', with: '00007'
click_button 'Log in' click_button 'Log in'
page.should have_text('Check your phone for confirmation code') page.should have_text('Confirmation sms was sent to your phone. Verification code is')
page.should have_text('SIM application error') page.should have_text('SIM application error')
end end
@ -143,7 +143,7 @@ feature 'Sessions', type: :feature do
fill_in 'user_phone', with: '00007' fill_in 'user_phone', with: '00007'
click_button 'Log in' click_button 'Log in'
page.should have_text('Check your phone for confirmation code') page.should have_text('Confirmation sms was sent to your phone. Verification code is')
page.should have_text('Welcome!') page.should have_text('Welcome!')
end end