added tokens

2025-08-01 07:26:22 +02:00 · 2022-02-09 16:18:25 +02:00 · 2022-02-09 16:18:25 +02:00 · 7e0c6b3afb
commit 7e0c6b3afb
parent c2969fa877
13 changed files with 94 additions and 62 deletions
--- a/3
+++ b/3
@ -104,3 +104,6 @@ gem 'pghero'
 gem 'pg_query', '>= 0.9.0'
 gem 'newrelic_rpm'
 gem 'newrelic-infinite_tracing'
+
+# token
+gem 'jwt'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -275,6 +275,7 @@ GEM
      activesupport (>= 4.2)
      aes_key_wrap
      bindata
+    jwt (2.3.0)
    kaminari (1.2.1)
      activesupport (>= 4.1.0)
      kaminari-actionview (= 1.2.1)
@ -560,6 +561,7 @@ DEPENDENCIES
  iso8601 (= 0.13.0)
  jquery-rails
  jquery-ui-rails (= 6.0.1)
+  jwt
  kaminari
  lhv!
  mime-types-data
--- a/app/controllers/admin/invoices_controller.rb
+++ b/app/controllers/admin/invoices_controller.rb
@ -101,14 +101,5 @@ module Admin

      invoices.where(account_activities: { created_at: date_from..date_until })
    end
-
-    # def send_invoice_data_to_billing_system
-    #   add_invoice_instance = EisBilling::AddDeposits.new(@invoice)
-    #   result = add_invoice_instance.send_invoice
-
-    #   link = JSON.parse(result.body)['everypay_link']
-
-    #   @invoice.update(payment_link: link)
-    # end
  end
 end
--- a/app/controllers/eis_billing/base_controller.rb
+++ b/app/controllers/eis_billing/base_controller.rb
@ -1,14 +1,51 @@
 module EisBilling
  class BaseController < ApplicationController
-    # load_and_authorize_resource
-
+    protect_from_forgery with: :null_session
    skip_authorization_check # Temporary solution
-    skip_before_action :verify_authenticity_token # Temporary solution
+    # skip_before_action :verify_authenticity_token # Temporary solution
+    before_action :authorized
+
+    def encode_token(payload)
+      JWT.encode(payload, ENV['secret_word'])
    end

-  protected
+    def auth_header
+      # { Authorization: 'Bearer <token>' }
+      request.headers['Authorization']
+    end
+
+    def decoded_token
+      if auth_header
+        token = auth_header.split(' ')[1]
+        # header: { 'Authorization': 'Bearer <token>' }
+        begin
+          JWT.decode(token, ENV['secret_word'], true, algorithm: 'HS256')
+        rescue JWT::DecodeError
+          nil
+        end
+      end
+    end
+
+    def accessable_service
+      if decoded_token
+        decoded_token[0]['data'] == ENV['secret_access_word']
+      end
+    end
+
+    def logged_in?
+      !!accessable_service
+    end
+
+    def authorized
+      render json: { message: 'Access denied' }, status: :unauthorized unless logged_in?
+    end
+
+    def logger
+      Rails.logger
+    end

    def logger
      @logger ||= Rails.logger
    end
  end
+end
--- a/app/controllers/registrar/deposits_controller.rb
+++ b/app/controllers/registrar/deposits_controller.rb
@ -12,7 +12,6 @@ class Registrar

      if @invoice
        flash[:notice] = t(:please_pay_the_following_invoice)
-        # send_invoice_data_to_billing_system
        redirect_to [:registrar, @invoice]
      else
        flash[:alert] = @deposit.errors.full_messages.join(', ')
@ -22,15 +21,6 @@ class Registrar

    private

-    # def send_invoice_data_to_billing_system
-    #   add_invoice_instance = EisBilling::AddDeposits.new(@invoice)
-    #   result = add_invoice_instance.send_invoice
-
-    #   link = JSON.parse(result.body)['everypay_link']
-
-    #   @invoice.update(payment_link: link)
-    # end
-
    def deposit_params
      params.require(:deposit).permit(:amount, :description)
    end
--- a/app/models/invoice.rb
+++ b/app/models/invoice.rb
@ -41,21 +41,14 @@ class Invoice < ApplicationRecord
  attribute :vat_rate, ::Type::VatRate.new

  def set_invoice_number
-    # last_no = Invoice.order(number: :desc).limit(1).pick(:number)
-
-    # if last_no && last_no >= Setting.invoice_number_min.to_i
-    #   self.number = last_no + 1
-    # else
-    #   self.number = Setting.invoice_number_min.to_i
-    # end
-
-    # return if number <= Setting.invoice_number_max.to_i
-
-    # errors.add(:base, I18n.t('failed_to_generate_invoice_invoice_number_limit_reached'))
-    # logger.error('INVOICE NUMBER LIMIT REACHED, COULD NOT GENERATE INVOICE')
-    # throw(:abort)
    result = EisBilling::GetInvoiceNumber.send_invoice

+    if JSON.parse(result.body)['code'] == '403'
+      errors.add(:base, I18n.t('cannot get access'))
+      logger.error('PROBLEM WITH TOKEN')
+      throw(:abort)
+    end
+
    if JSON.parse(result.body)['error'] == 'out of range'
      errors.add(:base, I18n.t('failed_to_generate_invoice_invoice_number_limit_reached'))
      logger.error('INVOICE NUMBER LIMIT REACHED, COULD NOT GENERATE INVOICE')
--- a/app/services/eis_billing/add_deposits.rb
+++ b/app/services/eis_billing/add_deposits.rb
@ -27,7 +27,7 @@ module EisBilling

    def send_request(json_obj:)
      http = EisBilling::Base.base_request(url: invoice_generator_url)
-      http.post(invoice_generator_url, json_obj.to_json, HEADERS)
+      http.post(invoice_generator_url, json_obj.to_json, EisBilling::Base.headers)
    end

    def invoice_generator_url
--- a/app/services/eis_billing/base.rb
+++ b/app/services/eis_billing/base.rb
@ -1,12 +1,5 @@
 module EisBilling
  class Base
-    #  crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31])
-    # irb(main):047:0> encrypted_data = crypt.encrypt_and_sign('PLEASE CREATE INVOICE')
-    # => 
-    # irb(main):048:0> decrypted_back = crypt.decrypt_and_verify(encrypted_data)
-    # => 
-    TOKEN = 'Bearer WA9UvDmzR9UcE5rLqpWravPQtdS8eDMAIynzGdSOTw==--9ZShwwij3qmLeuMJ--NE96w2PnfpfyIuuNzDJTGw=='.freeze
-
    BASE_URL = ''
    if Rails.env.staging?
      BASE_URL = ENV['eis_billing_system_base_url_staging']
@ -16,11 +9,8 @@ module EisBilling

    INITIATOR = 'registry'

-    HEADERS = {
-      'Authorization' => 'Bearer foobar',
-      'Content-Type' => 'application/json',
-      'Accept' => TOKEN
-    }
+    SECRET_WORD = ENV['secret_word']
+    SECRET_ACCESS_WORD = ENV['secret_access_word']

    def self.base_request(url:)
      uri = URI(url)
@ -33,5 +23,20 @@ module EisBilling

      http
    end
+
+    def self.generate_token
+      JWT.encode(payload, ENV['secret_word'])
+    end
+
+    def self.payload
+      { data: ENV['secret_access_word'] }
+    end
+
+    def self.headers
+      {
+      'Authorization' => "Bearer #{generate_token}",
+      'Content-Type' => 'application/json',
+      }
+    end
  end
 end
--- a/app/services/eis_billing/get_invoice_number.rb
+++ b/app/services/eis_billing/get_invoice_number.rb
@ -8,7 +8,7 @@ module EisBilling

    def self.send_request
      http = EisBilling::Base.base_request(url: invoice_number_generator_url)
-      http.post(invoice_number_generator_url, nil, HEADERS)
+      http.post(invoice_number_generator_url, nil, EisBilling::Base.headers)
    end

    def self.invoice_number_generator_url
--- a/app/services/eis_billing/get_reference_number.rb
+++ b/app/services/eis_billing/get_reference_number.rb
@ -14,11 +14,11 @@ module EisBilling

    def self.send_request
      http = EisBilling::Base.base_request(url: reference_number_generator_url)
-      http.post(reference_number_generator_url, obj_data.to_json, HEADERS)
+      http.post(reference_number_generator_url, obj_data.to_json, EisBilling::Base.headers)
    end

    def self.reference_number_generator_url
-      "#{BASE_URL}/api/v1/invoice_generator/reference_number_generator"
+      "#{EisBilling::Base::BASE_URL}/api/v1/invoice_generator/reference_number_generator"
    end
  end
 end
--- a/app/services/eis_billing/send_data_to_directo.rb
+++ b/app/services/eis_billing/send_data_to_directo.rb
@ -13,7 +13,7 @@ module EisBilling
      }

      http = EisBilling::Base.base_request(url: directo_url)
-      http.post(directo_url, prepared_data.to_json, HEADERS)
+      http.post(directo_url, prepared_data.to_json, EisBilling::Base.headers)
    end

    def self.directo_url
--- a/app/services/eis_billing/send_e_invoice.rb
+++ b/app/services/eis_billing/send_e_invoice.rb
@ -34,7 +34,7 @@ module EisBilling
      prepared_data[:items] = items

      http = EisBilling::Base.base_request(url: e_invoice_url)
-      http.post(e_invoice_url, prepared_data.to_json, HEADERS)
+      http.post(e_invoice_url, prepared_data.to_json, EisBilling::Base.headers)
    end

    def self.e_invoice_url
--- a/lib/tasks/eis_billing_import_data.rake
+++ b/lib/tasks/eis_billing_import_data.rake
@ -46,11 +46,6 @@ end
 def base_request(url:, json_obj:)
  uri = URI(url)
  http = Net::HTTP.new(uri.host, uri.port)
-  headers = {
-    'Authorization' => 'Bearer foobar',
-    'Content-Type' => 'application/json',
-    'Accept' => TOKEN
-  }

  unless Rails.env.development?
    http.use_ssl = true
@ -59,3 +54,19 @@ def base_request(url:, json_obj:)

  http.post(url, json_obj.to_json, headers)
 end
+
+def generate_token
+  JWT.encode(payload, ENV['secret_word'])
+end
+
+def payload
+  { data: ENV['secret_access_word'] }
+end
+
+def headers 
+  {
+  'Authorization' => "Bearer #{generate_token}",
+  'Content-Type' => 'application/json',
+  }
+end
+