Refactor ID card sign-in

- Extract to Devise custom strategy - Use `SSL_CLIENT_S_DN_CN` env variable instead of `SSL_CLIENT_S_DN` to get ID card data - Remove `database_authenticatable` strategy from `RegistrantUser` Closes #1047
2025-07-22 18:56:05 +02:00 · 2019-01-30 19:08:29 +02:00 · 2019-01-30 19:08:29 +02:00 · a08f063640
commit a08f063640
parent 27976c3fbd
20 changed files with 266 additions and 89 deletions
--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@ -2,7 +2,8 @@ require 'open3'

 class ApiUser < User
  include EppErrors
-  devise :database_authenticatable, :trackable, :timeoutable, authentication_keys: [:username]
+  devise :database_authenticatable, :trackable, :timeoutable, :id_card_authenticatable,
+         authentication_keys: [:username]

  def epp_code_map
    {
@ -47,19 +48,9 @@ class ApiUser < User
  end

  class << self
-    def find_by_idc_data_and_allowed(idc_data, ip)
-      return false if idc_data.blank?
-      identity_code = idc_data.scan(/serialNumber=(\d+)/).flatten.first
-
-      return false if ip.blank?
-      possible_users = where(identity_code: identity_code)
-      possible_users.each do |selected_user|
-        if selected_user.registrar.white_ips.registrar_area.include_ip?(ip)
-          return selected_user
-        end
-      end
+    def find_by_id_card(id_card)
+      find_by(identity_code: id_card.personal_code)
    end
-
  end

  def registrar_typeahead