zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-19 02:39:37 +02:00
Code Issues Projects Releases Packages Wiki Activity

Check API whitelist IP-s when loggin into registrar with pw #2713

Browse source
This commit is contained in:
Martin Lensment 2015-08-14 17:34:05 +03:00
parent 8bffdbf783
commit d26dd3da98
5 changed files with 38 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

26
app/controllers/registrar/sessions_controller.rb
View file

@ -47,6 +47,16 @@ class Registrar::SessionsController < Devise::SessionsController
end
end
unless @api_user.registrar.registrar_ip_white?(request.ip)
@depp_user.errors.add(:base, I18n.t(:ip_is_not_whitelisted))
end
if @api_user.can_make_api_calls?
unless @api_user.registrar.api_ip_white?(request.ip)
@depp_user.errors.add(:base, I18n.t(:ip_is_not_whitelisted))
end
end
if @depp_user.errors.none? && @depp_user.valid?
if @api_user.active?
sign_in @api_user
@ -64,9 +74,23 @@ class Registrar::SessionsController < Devise::SessionsController
# rubocop:enable Metrics/MethodLength
# rubocop:enable Metrics/AbcSize
def switch_user
def switch_user # rubocop:disable Metrics/CyclomaticComplexity
@api_user = ApiUser.find(params[:id])
unless @api_user.registrar.registrar_ip_white?(request.ip)
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
redirect_to :back and return
end
if @api_user.can_make_api_calls?
unless @api_user.registrar.api_ip_white?(request.ip)
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
redirect_to :back and return
end
end
sign_in @api_user if @api_user.identity_code == current_user.identity_code
redirect_to :back
end