Refactor

2025-07-23 11:16:00 +02:00 · 2019-09-18 17:35:52 +03:00 · 2019-09-18 17:35:52 +03:00 · 9baa65a775
commit 9baa65a775
parent 4c884cce37
6 changed files with 159 additions and 22 deletions
--- a/app/controllers/epp/base_controller.rb
+++ b/app/controllers/epp/base_controller.rb
@ -10,7 +10,8 @@ module Epp
    before_action :latin_only
    before_action :validate_against_schema
    before_action :validate_request
-    before_action :update_epp_session, if: -> { signed_in? }
+    before_action :enforce_epp_session_timeout, if: :signed_in?
+    before_action :iptables_counter_update, if: :signed_in?

    around_action :wrap_exceptions

@ -349,32 +350,21 @@ module Epp
      raise 'EPP session id is empty' unless epp_session_id.present?
    end

-    def update_epp_session
-      iptables_counter_update
-
-      if session_timeout_reached?
-        @api_user = current_user # cache current_user for logging
-        epp_session.destroy
-
+    def enforce_epp_session_timeout
+      if epp_session.timed_out?
        epp_errors << {
-          msg: t('session_timeout'),
-          code: '2201'
+          code: '2201',
+          msg: 'Authorization error: Session timeout',
        }
-
-        handle_errors and return
+        handle_errors
+        epp_session.destroy!
      else
-        epp_session.update_column(:updated_at, Time.zone.now)
+        epp_session.update_last_access
      end
    end

-    def session_timeout_reached?
-      timeout = ENV['epp_session_timeout_seconds'].to_i.seconds
-      epp_session.updated_at < (Time.zone.now - timeout)
-    end
-
    def iptables_counter_update
      return if ENV['iptables_counter_enabled'].blank? && ENV['iptables_counter_enabled'] != 'true'
-      return if current_user.blank?
      counter_update(current_user.registrar_code, ENV['iptables_server_ip'])
    end

--- a/app/models/epp/expired_sessions.rb
+++ b/app/models/epp/expired_sessions.rb
@ -0,0 +1,13 @@
+module Epp
+  class ExpiredSessions
+    attr_reader :sessions
+
+    def initialize(sessions)
+      @sessions = sessions
+    end
+
+    def clear
+      sessions.find_each(&:destroy!)
+    end
+  end
+end
--- a/app/models/epp_session.rb
+++ b/app/models/epp_session.rb
@ -3,6 +3,11 @@ class EppSession < ApplicationRecord

  validates :session_id, uniqueness: true, presence: true

+  class_attribute :timeout
+  self.timeout = ENV['epp_session_timeout_seconds'].to_i.seconds
+
+  alias_attribute :last_access, :updated_at
+
  def self.limit_per_registrar
    4
  end
@ -11,4 +16,21 @@ class EppSession < ApplicationRecord
    count = where(user_id: registrar.api_users.ids).where('updated_at >= ?', Time.zone.now - 1.second).count
    count >= limit_per_registrar
  end
+
+  def self.expired
+    interval = "#{timeout.parts.first.second} #{timeout.parts.first.first}"
+    where(':now > (updated_at + interval :interval)', now: Time.zone.now, interval: interval)
+  end
+
+  def update_last_access
+    touch
+  end
+
+  def timed_out?
+    (updated_at + self.class.timeout).past?
+  end
+
+  def expired?
+    timed_out?
+  end
 end