mirror of
https://github.com/internetee/registry.git
synced 2025-07-23 19:20:37 +02:00
Merge pull request #1698 from internetee/add-tara-to-registrant
Expand TARA auth logic to registrant portal
This commit is contained in:
commit
7f81883e7b
22 changed files with 158 additions and 401 deletions
|
@ -1,81 +1,6 @@
|
|||
class Registrant::SessionsController < Devise::SessionsController
|
||||
layout 'registrant/application'
|
||||
|
||||
def login_mid
|
||||
@user = User.new
|
||||
end
|
||||
|
||||
def mid
|
||||
phone = params[:user][:phone]
|
||||
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
|
||||
client = Digidoc::Client.new(endpoint)
|
||||
client.logger = Rails.application.config.logger unless Rails.env.test?
|
||||
|
||||
# country_codes = {'+372' => 'EST'}
|
||||
response = client.authenticate(
|
||||
phone: "+372#{phone}",
|
||||
message_to_display: 'Authenticating',
|
||||
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
|
||||
)
|
||||
|
||||
if response.faultcode
|
||||
render json: { message: response.detail.message }, status: :unauthorized
|
||||
return
|
||||
end
|
||||
|
||||
@user = RegistrantUser.find_or_create_by_mid_data(response)
|
||||
|
||||
if @user.persisted?
|
||||
session[:user_country] = response.user_country
|
||||
session[:user_id_code] = response.user_id_code
|
||||
session[:mid_session_code] = client.session_code
|
||||
|
||||
render json: {
|
||||
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
|
||||
}, status: :ok
|
||||
else
|
||||
render json: { message: t(:no_such_user) }, status: :unauthorized
|
||||
end
|
||||
end
|
||||
|
||||
def mid_status
|
||||
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
|
||||
client = Digidoc::Client.new(endpoint)
|
||||
client.logger = Rails.application.config.logger unless Rails.env.test?
|
||||
client.session_code = session[:mid_session_code]
|
||||
auth_status = client.authentication_status
|
||||
|
||||
case auth_status.status
|
||||
when 'OUTSTANDING_TRANSACTION'
|
||||
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
|
||||
when 'USER_AUTHENTICATED'
|
||||
@user = RegistrantUser.find_by(registrant_ident: "#{session[:user_country]}-#{session[:user_id_code]}")
|
||||
|
||||
sign_in(:registrant_user, @user)
|
||||
flash[:notice] = t(:welcome)
|
||||
flash.keep(:notice)
|
||||
render js: "window.location = '#{registrant_root_path}'"
|
||||
when 'NOT_VALID'
|
||||
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
|
||||
when 'EXPIRED_TRANSACTION'
|
||||
render json: { message: t(:session_timeout) }, status: :bad_request
|
||||
when 'USER_CANCEL'
|
||||
render json: { message: t(:user_cancelled) }, status: :bad_request
|
||||
when 'MID_NOT_READY'
|
||||
render json: { message: t(:mid_not_ready) }, status: :bad_request
|
||||
when 'PHONE_ABSENT'
|
||||
render json: { message: t(:phone_absent) }, status: :bad_request
|
||||
when 'SENDING_ERROR'
|
||||
render json: { message: t(:sending_error) }, status: :bad_request
|
||||
when 'SIM_ERROR'
|
||||
render json: { message: t(:sim_error) }, status: :bad_request
|
||||
when 'INTERNAL_ERROR'
|
||||
render json: { message: t(:internal_error) }, status: :bad_request
|
||||
else
|
||||
render json: { message: t(:internal_error) }, status: :bad_request
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def after_sign_in_path_for(_resource_or_scope)
|
||||
|
|
|
@ -1,33 +0,0 @@
|
|||
class Registrar
|
||||
class TaraController < ApplicationController
|
||||
skip_authorization_check
|
||||
|
||||
# rubocop:disable Style/AndOr
|
||||
def callback
|
||||
session[:omniauth_hash] = user_hash
|
||||
@api_user = ApiUser.from_omniauth(user_hash)
|
||||
|
||||
if @api_user
|
||||
flash[:notice] = t(:signed_in_successfully)
|
||||
sign_in_and_redirect(:registrar_user, @api_user)
|
||||
else
|
||||
show_error and return
|
||||
end
|
||||
end
|
||||
# rubocop:enable Style/AndOr
|
||||
|
||||
def cancel
|
||||
redirect_to root_path, notice: t(:sign_in_cancelled)
|
||||
end
|
||||
|
||||
def show_error
|
||||
redirect_to new_registrar_user_session_url, alert: t(:no_such_user)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def user_hash
|
||||
request.env['omniauth.auth']
|
||||
end
|
||||
end
|
||||
end
|
40
app/controllers/sso/tara_controller.rb
Normal file
40
app/controllers/sso/tara_controller.rb
Normal file
|
@ -0,0 +1,40 @@
|
|||
module Sso
|
||||
class TaraController < ApplicationController
|
||||
skip_authorization_check
|
||||
|
||||
def registrant_callback
|
||||
user = RegistrantUser.find_or_create_by_omniauth_data(user_hash)
|
||||
callback(user, registrar: false)
|
||||
end
|
||||
|
||||
def registrar_callback
|
||||
user = ApiUser.from_omniauth(user_hash)
|
||||
callback(user, registrar: true)
|
||||
end
|
||||
|
||||
# rubocop:disable Style/AndOr
|
||||
def callback(user, registrar: true)
|
||||
session[:omniauth_hash] = user_hash
|
||||
(show_error(registrar: registrar) and return) unless user
|
||||
|
||||
flash[:notice] = t(:signed_in_successfully)
|
||||
sign_in_and_redirect(registrar ? :registrar_user : :registrant_user, user)
|
||||
end
|
||||
# rubocop:enable Style/AndOr
|
||||
|
||||
def cancel
|
||||
redirect_to root_path, notice: t(:sign_in_cancelled)
|
||||
end
|
||||
|
||||
def show_error(registrar: true)
|
||||
path = registrar ? new_registrar_user_session_url : new_registrant_user_session_url
|
||||
redirect_to path, alert: t(:no_such_user)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def user_hash
|
||||
request.env['omniauth.auth']
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Add table
Add a link
Reference in a new issue