Merge pull request #1698 from internetee/add-tara-to-registrant

Expand TARA auth logic to registrant portal
2025-06-11 07:04:47 +02:00 · 2020-10-15 16:58:12 +03:00 · 2020-10-15 16:58:12 +03:00 · 7f81883e7b
commit 7f81883e7b
parent 0e55f413a5 a8a985b9d3
22 changed files with 158 additions and 401 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@ -78,12 +78,6 @@ Rails.application.routes.draw do

    devise_for :users, path: '', class_name: 'ApiUser', skip: %i[sessions]

-    devise_scope :registrar_user do
-      match '/open_id/callback', via: %i[get post], to: 'tara#callback', as: :tara_callback
-      match '/open_id/cancel', via: %i[get post delete], to: 'tara#cancel',
-            as: :tara_cancel
-    end
-
    resources :invoices, except: %i[new create edit update destroy] do
      resource :delivery, controller: 'invoices/delivery', only: %i[new create]

@ -160,6 +154,22 @@ Rails.application.routes.draw do
      post 'sessions', to: 'registrar/sessions#create', as: :registrar_user_session

      delete 'sign_out', to: 'registrar/sessions#destroy', as: :destroy_registrar_user_session
+
+      # TARA
+      match '/open_id/callback', via: %i[get post], to: 'sso/tara#registrar_callback'
+      match '/open_id/cancel', via: %i[get post delete], to: 'sso/tara#cancel'
+    end
+  end
+
+  scope :registrant do
+    devise_scope :registrant_user do
+      get 'sign_in', to: 'registrant/sessions#new', as: :new_registrant_user_session
+      post 'sessions', to: 'registrant/sessions#create', as: :registrant_user_session
+      delete 'sign_out', to: 'registrant/sessions#destroy', as: :destroy_registrant_user_session
+
+      # TARA
+      match '/open_id/callback', via: %i[get post], to: 'sso/tara#registrant_callback'
+      match '/open_id/cancel', via: %i[get post delete], to: 'sso/tara#cancel'
    end
  end

@ -168,17 +178,6 @@ Rails.application.routes.draw do

    # POST /registrant/sign_in is not used
    devise_for :users, path: '', class_name: 'RegistrantUser'
-    devise_scope :registrant_user do
-      get 'login/mid' => 'sessions#login_mid'
-      post 'login/mid' => 'sessions#mid'
-      post 'login/mid_status' => 'sessions#mid_status'
-      post 'mid' => 'sessions#mid'
-
-      # /registrant/id path is hardcoded in Apache config for authentication with Estonian ID-card
-      # Client certificate is asked only on login form submission, therefore the path must be different from the one in
-      # `new_registrant_user_session_path` route, in case some other auth type will be implemented
-      post 'id' => 'sessions#create', as: :id_card_sign_in
-    end

    resources :registrars, only: :show
    # resources :companies, only: :index