Add certs control

2025-08-01 07:26:22 +02:00 · 2022-06-13 15:33:37 +03:00 · 2022-06-13 15:33:37 +03:00 · 7ec5c914bc
commit 7ec5c914bc
parent d848675557
3 changed files with 17 additions and 4 deletions
--- a/app/controllers/repp/v1/registrar/auth_controller.rb
+++ b/app/controllers/repp/v1/registrar/auth_controller.rb
@ -9,6 +9,11 @@ module Repp
        desc 'check user auth info and return data'
        def index
          registrar = current_user.registrar
+          unless client_certs_ok
+            handle_non_epp_errors(current_user, 'Invalid certificate')
+            return
+          end
+
          render_success(data: auth_values_to_data(registrar: registrar))
        end

@ -43,6 +48,11 @@ module Repp
        def auth_params
          params.require(:auth).permit(:uid, :new_user_id)
        end
+
+        def client_certs_ok
+          current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'],
+                               request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false)
+        end
      end
    end
  end