diff --git a/app/controllers/registrar/sessions_controller.rb b/app/controllers/registrar/sessions_controller.rb
index d56dc24de..811769400 100644
--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@@ -156,15 +156,15 @@ class Registrar
     def find_user_by_idc_and_allowed(idc)
       return User.new unless idc
       possible_users = ApiUser.where(identity_code: idc) || User.new
-      for selected_user in 0..possible_users.count
-        if possible_users[selected_user].registrar.white_ips.registrar_area.include_ip?(request.ip)
-          break
+      possible_users eacho do |selected_user|
+        if selected_user.registrar.white_ips.registrar_area.include_ip?(request.ip)
+          return selected_user
         end
       end
-      possible_users[selected_user]
     end
 
 
+
     def check_ip_restriction
       ip_restriction = Authorization::RestrictedIP.new(request.ip)
       allowed = ip_restriction.can_access_registrar_area_sign_in_page?
diff --git a/app/models/api_user.rb b/app/models/api_user.rb
index b70aeeb11..d05f8eb46 100644
--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@@ -58,12 +58,11 @@ class ApiUser < User
 
       return false if ip.blank?
       possible_users = where(identity_code: identity_code)
-      for selected_user in 0..possible_users.count
-        if possible_users[selected_user].registrar.white_ips.registrar_area.include_ip?(ip)
-          break
+      possible_users eacho do |selected_user|
+        if selected_user.registrar.white_ips.registrar_area.include_ip?(ip)
+          return selected_user
         end
       end
-      possible_users[selected_user]
     end
 
   end