Update registrar sessions

2025-07-03 09:43:36 +02:00 · 2015-05-15 17:39:59 +03:00 · 2015-05-15 17:39:59 +03:00 · e72bb0be54
commit e72bb0be54
parent 936c570e1f
5 changed files with 43 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -183,7 +183,7 @@ Registrar configuration (/etc/apache2/sites-enabled/registrar.conf) is as follow
  SSLVerifyClient none
  SSLVerifyDepth 1
  SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.cert.pem
-  SSLCARevocationFile /home/registry/registry/shared/ca/crl/crl.pem
+  SSLCARevocationPath /home/registry/registry/shared/ca/crl
  # Uncomment in Apache 2.4
  # SSLCARevocationCheck chain

@ -192,6 +192,13 @@ Registrar configuration (/etc/apache2/sites-enabled/registrar.conf) is as follow
    SSLVerifyClient require
    RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s"
  </Location>
+
+  <Location /registrar/id>
+      SSLVerifyClient require
+      Options Indexes FollowSymLinks MultiViews
+      SSLVerifyDepth 2
+      SSLOptions +StdEnvVars +ExportCertData
+  </Location>
 </VirtualHost>
 ```

@ -253,7 +260,7 @@ Registrant configuration (/etc/apache2/sites-enabled/registrant.conf) is as foll
  SSLVerifyClient none
  SSLVerifyDepth 1
  SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.cert.pem
-  SSLCARevocationFile /home/registry/registry/shared/ca/crl/crl.pem
+  SSLCARevocationPath /home/registry/registry/shared/ca/crl
  # Uncomment in Apache 2.4
  # SSLCARevocationCheck chain

@ -262,6 +269,13 @@ Registrant configuration (/etc/apache2/sites-enabled/registrant.conf) is as foll
    SSLVerifyClient require
    RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s"
  </Location>
+
+  <Location /registrant/id>
+      SSLVerifyClient require
+      Options Indexes FollowSymLinks MultiViews
+      SSLVerifyDepth 2
+      SSLOptions +StdEnvVars +ExportCertData
+  </Location>
 </VirtualHost>
 ```

@ -282,7 +296,7 @@ For Apache, REPP goes to port 443 in production, /etc/apache2/sites-enabled/repp
  SSLVerifyClient none
  SSLVerifyDepth 1
  SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.crt.pem
-  SSLCARevocationFile /home/registry/registry/shared/ca/crl/crl.pem
+  SSLCARevocationPath /home/registry/registry/shared/ca/crl
  SSLCARevocationCheck chain

  RequestHeader set SSL_CLIENT_S_DN_CN ""
@ -314,7 +328,7 @@ Be sure to update paths to match your system configuration.
    SSLVerifyClient require
    SSLVerifyDepth 1
    SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.crt.pem
-    SSLCARevocationFile /home/registry/registry/shared/ca/crl/crl.pem
+    SSLCARevocationPath /home/registry/registry/shared/ca/crl
    # Uncomment this when upgrading to apache 2.4:
    # SSLCARevocationCheck chain

--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@ -45,6 +45,18 @@ class Registrar::SessionsController < ::SessionsController
  # rubocop:enable Metrics/CyclomaticComplexity
  # rubocop:enable Metrics/PerceivedComplexity

+  def id
+    @user = ApiUser.find_by_idc_data(request.env['SSL_CLIENT_S_DN'])
+
+    if @user
+      sign_in(@user, event: :authentication)
+      redirect_to registrant_root_url
+    else
+      flash[:alert] = t('no_such_user')
+      redirect_to registrar_login_url
+    end
+  end
+
  def login_mid
    @user = User.new
  end
@ -55,7 +67,7 @@ class Registrar::SessionsController < ::SessionsController

    if Rails.env.test? && phone == "123"
      @user = ApiUser.find_by(identity_code: "14212128025")
-      sign_in(@user, event: :authentication) 
+      sign_in(@user, event: :authentication)
      return redirect_to registrar_root_url
    end

--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@ -42,5 +42,14 @@ class ApiUser < User
  def queued_messages
    registrar.messages.queued
  end
+
+  class << self
+    def find_by_idc_data(idc_data)
+      return false if idc_data.blank?
+      identity_code = idc_data.scan(/serialNumber=(\d+)/).flatten.first
+
+      find_by(identity_code: identity_code)
+    end
+  end
 end
 # rubocop: enable Metrics/ClassLength
--- a/app/views/registrar/sessions/login.haml
+++ b/app/views/registrar/sessions/login.haml
@ -15,7 +15,7 @@
    %hr
    = link_to '/registrar/login/mid' do
      = image_tag 'mid.gif'
-    -# = link_to '/registrar/login/id' do
-      -# = image_tag 'id_card.gif'
+    = link_to '/registrar/id', method: :post do
+      = image_tag 'id_card.gif'


--- a/config/routes.rb
+++ b/config/routes.rb
@ -39,6 +39,7 @@ Rails.application.routes.draw do
      post 'login/mid_status' => 'sessions#mid_status'

      post 'sessions' => 'sessions#create'
+      post 'id' => 'sessions#id'
      post 'mid' => 'sessions#mid'
      get 'logout' => '/devise/sessions#destroy'
    end