DGNum/demarches-normaliennes
13
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

feature(api): add ensure_authorized_network for api_controller v1 and v2

Browse source
This commit is contained in:
simon lehericey 2023-12-21 14:00:07 +01:00
parent 6e5678d1c2
commit d8bc38bc69
4 changed files with 103 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/api/v2/base_controller.rb
View file

@ -2,6 +2,7 @@ class API::V2::BaseController < ApplicationController
skip_forgery_protection if: -> { request.headers.key?('HTTP_AUTHORIZATION') }
skip_before_action :setup_tracking
before_action :authenticate_from_token
before_action :ensure_authorized_network, if: -> { @api_token.present? }
before_action do
Current.browser = 'api'
@ -46,4 +47,11 @@ class API::V2::BaseController < ApplicationController
Current.user = @current_user
end
end
def ensure_authorized_network
if @api_token.forbidden_network?(request.remote_ip)
address = IPAddr.new(request.remote_ip)
render json: { errors: ["request issued from a forbidden network. Add #{address.to_string}/#{address.prefix} to your allowed adresses in your /profil"] }, status: :forbidden
end
end
end