zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-05 12:17:30 +02:00
Code Issues Projects Releases Packages Wiki Activity
internetee-registry/app/controllers/api/v1/registrant/auth_controller.rb
Artur Beljajev fa52001be6 Upgrade to Rails 5.0 
Closes #377
2019-11-15 15:26:33 +02:00

58 lines
1.7 KiB
Ruby
Raw Blame History

require 'auth_token/auth_token_creator'
module Api
module V1
module Registrant
class AuthController < ActionController::API
before_action :set_cors_header
before_action :check_ip_whitelist
rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
error = {}
error[parameter_missing_exception.param] = ['parameter is required']
response = { errors: [error] }
render json: response, status: :unprocessable_entity
end
def eid
user = RegistrantUser.find_or_create_by_api_data(eid_params.to_h)
token = create_token(user)
if token
render json: token
else
render json: { errors: [{ base: ['Cannot create generate session token'] }] }
end
end
private
def set_cors_header
response.headers['Access-Control-Allow-Origin'] = request.headers['Origin']
end
def eid_params
required_params = %i[ident first_name last_name]
required_params.each_with_object(params) do |key, obj|
obj.require(key)
end
params.permit(required_params)
end
def create_token(user)
token_creator = AuthTokenCreator.create_with_defaults(user)
hash = token_creator.token_in_hash
hash
end
def check_ip_whitelist
allowed_ips = ENV['registrant_api_auth_allowed_ips'].to_s.split(',').map(&:strip)
return if allowed_ips.include?(request.ip) || Rails.env.development?
render json: { errors: [{ base: ['Not authorized'] }] }, status: :unauthorized
end
end
end
end
end
Reference in a new issue View git blame Copy permalink