From aa42220ca1c77ab50a887392d1b32f375886c89d Mon Sep 17 00:00:00 2001
From: Artur Beljajev <artur.beljajev@internet.ee>
Date: Thu, 9 Aug 2018 13:46:27 +0300
Subject: [PATCH] Customize login URLs for client certificate authentication

Certificate is now asked only when login form is submitted, not before
---
 config/routes.rb | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/config/routes.rb b/config/routes.rb
index 8ecfd9360..7667e5ecc 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -22,9 +22,8 @@ Rails.application.routes.draw do
   namespace :registrar do
     root 'dashboard#show'
 
-    # /registrar/sessions path is hardcoded in Apache config for certificate-based authentication
-    # See https://github.com/internetee/registry/blob/master/README.md#installation
-    devise_for :users, path: 'sessions', class_name: 'ApiUser'
+    devise_for :users, path: '', class_name: 'ApiUser', skip: %i[sessions]
+
     devise_scope :registrar_user do
       get 'login/mid' => 'sessions#login_mid'
       post 'login/mid' => 'sessions#mid'
@@ -96,6 +95,18 @@ Rails.application.routes.draw do
     get  'pay/go/:bank'           => 'payments#pay',   as: 'payment_with'
   end
 
+  scope :registrar do
+    devise_scope :registrar_user do
+      get 'sign_in', to: 'registrar/sessions#new', as: :new_registrar_user_session
+
+      # /registrar/sessions path is hardcoded in Apache config for certificate-based authentication
+      # See https://github.com/internetee/registry/blob/master/README.md#installation
+      post 'sessions', to: 'registrar/sessions#create', as: :registrar_user_session
+
+      delete 'sign_out', to: 'registrar/sessions#destroy', as: :destroy_registrar_user_session
+    end
+  end
+
   namespace :registrant do
     root 'domains#index'