53 lines
1.5 KiB
Ruby
53 lines
1.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class APIController < ApplicationController
|
|
before_action :default_format_json
|
|
before_action :authenticate_from_token
|
|
before_action :ensure_authorized_network, if: -> { @api_token.present? }
|
|
before_action :ensure_token_is_not_expired, if: -> { @api_token.present? }
|
|
|
|
before_action do
|
|
Current.browser = 'api'
|
|
end
|
|
|
|
private
|
|
|
|
def default_format_json
|
|
request.format = "json" if !request.params[:format]
|
|
end
|
|
|
|
def check_api_token
|
|
if @api_token.nil?
|
|
render json: {}, status: :unauthorized
|
|
end
|
|
end
|
|
|
|
def authenticate_from_token
|
|
@api_token = authenticate_with_http_token { |t, _o| APIToken.authenticate(t) }
|
|
|
|
# legacy way of sending the token by url
|
|
# not available in api v2
|
|
if @api_token.nil?
|
|
@api_token = APIToken.authenticate(params[:token])
|
|
end
|
|
|
|
if @api_token.present?
|
|
@api_token.touch(:last_v1_authenticated_at)
|
|
@api_token.store_new_ip(request.remote_ip)
|
|
@current_user = @api_token.administrateur.user
|
|
end
|
|
end
|
|
|
|
def ensure_authorized_network
|
|
if @api_token.forbidden_network?(request.remote_ip)
|
|
address = IPAddr.new(request.remote_ip)
|
|
render json: { errors: ["request issued from a forbidden network. Add #{address.to_string}/#{address.prefix} to your allowed adresses in your /profil"] }, status: :forbidden
|
|
end
|
|
end
|
|
|
|
def ensure_token_is_not_expired
|
|
if @api_token.expired?
|
|
render json: { errors: ['token expired'] }, status: :unauthorized
|
|
end
|
|
end
|
|
end
|