class Epp::SessionsController < EppController def hello render_epp_response('greeting') end def login # Allow login with only username if request.ip == APP_CONFIG['webclient_ip'] && login_params[:password].nil? @api_user = ApiUser.find_by(username: login_params[:username]) else @api_user = ApiUser.find_by(login_params) end if @api_user.try(:active) epp_session[:api_user_id] = @api_user.id render_epp_response('login_success') else response.headers['X-EPP-Returncode'] = '2200' render_epp_response('login_fail') end end def logout @api_user = current_user # cache current_user for logging epp_session[:api_user_id] = nil response.headers['X-EPP-Returncode'] = '1500' render_epp_response('logout') end ### HELPER METHODS ### def login_params ph = params_hash['epp']['command']['login'] { username: ph[:clID], password: ph[:pw] } end end