Do not allow more than 4 simultaneous EPP connections

2025-05-16 09:27:19 +02:00 · 2015-05-20 20:41:53 +03:00 · 2015-05-20 20:41:53 +03:00 · 6a63c258f6
commit 6a63c258f6
parent b39c3ab262
5 changed files with 25 additions and 4 deletions
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@ -18,7 +18,7 @@ class Epp::SessionsController < EppController
      @api_user = ApiUser.find_by(login_params)
    end
-    if @api_user.try(:active) && cert_valid && ip_white?
+    if @api_user.try(:active) && cert_valid && ip_white? && connection_limit_ok?
      if parsed_frame.css('newPW').first
        unless @api_user.update(password: parsed_frame.css('newPW').first.text)
          response.headers['X-EPP-Returncode'] = '2200'
@ -27,6 +27,7 @@ class Epp::SessionsController < EppController
      end
      epp_session[:api_user_id] = @api_user.id
      epp_session.update_column(:registrar_id, @api_user.registrar_id)
      render_epp_response('login_success')
    else
      response.headers['X-EPP-Returncode'] = '2200'
@ -45,12 +46,24 @@ class Epp::SessionsController < EppController
    true
  end
  def connection_limit_ok?
    c = EppSession.where(
      'registrar_id = ? AND updated_at >= ?', @api_user.registrar_id, Time.zone.now - 5.minutes
    ).count
    if c >= 4
      @msg = t('connection_limit_reached')
      return false
    end
    true
  end
  # rubocop: enable Metrics/PerceivedComplexity
  # rubocop: enable Metrics/CyclomaticComplexity
  def logout
    @api_user = current_user # cache current_user for logging
-    epp_session[:api_user_id] = nil
+    epp_session.destroy
    response.headers['X-EPP-Returncode'] = '1500'
    render_epp_response('logout')
  end
--- a/app/models/epp_session.rb
+++ b/app/models/epp_session.rb
@ -1,8 +1,9 @@
 class EppSession < ActiveRecord::Base
  before_save :marshal_data!
  belongs_to :registrar
  # rubocop: disable Rails/ReadWriteAttribute
-  # Turned back to read_attribute, thus in Rails 4 
+  # Turned back to read_attribute, thus in Rails 4
  # there is differences between self[:data] and read_attribute.
  def data
    @data ||= self.class.unmarshal(read_attribute(:data)) || {}
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -797,3 +797,4 @@ en:
  registrant_domain_verification_rejected_failed: 'Something went wrong'
  ip_is_not_whitelisted: 'IP is not whitelisted'
  access_denied: 'Access denied'
  connection_limit_reached: 'Connection limit reached'
--- a/db/migrate/20150520164507_add_registrar_id_to_epp_session.rb
+++ b/db/migrate/20150520164507_add_registrar_id_to_epp_session.rb
@ -0,0 +1,5 @@
 class AddRegistrarIdToEppSession < ActiveRecord::Migration
  def change
    add_column :epp_sessions, :registrar_id, :integer
  end
 end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20150519144118) do
+ActiveRecord::Schema.define(version: 20150520164507) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@ -317,6 +317,7 @@ ActiveRecord::Schema.define(version: 20150519144118) do
    t.text     "data"
    t.datetime "created_at"
    t.datetime "updated_at"
    t.integer  "registrar_id"
  end
  add_index "epp_sessions", ["session_id"], name: "index_epp_sessions_on_session_id", unique: true, using: :btree