Module: Ixtlan::Remote::AccessController

Includes:
ConstantTimeCompare
Defined in:
lib/ixtlan/remote/access_controller.rb

Instance Method Summary

Methods included from ConstantTimeCompare

#constant_time_compare

Instance Method Details

#remote_permission ⇒ Object



# File 'lib/ixtlan/remote/access_controller.rb', line 43

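# Resolves the permission record of the calling service and memoises it in
# @_remote_permission, so the lookup runs at most once per controller instance.
#
# The token returned by x_service_token is compared against the
# authentication_token of every record from permission_model.all using
# constant_time_compare. When the matching record has a non-blank allowed_ip,
# request.remote_ip must equal it.
#
# @return [Object] the permission record whose token matched
# @raise [RuntimeError] when no (or a blank) token was sent, when no record
#   matches the token, or when the caller's IP differs from allowed_ip
def remote_permission
  @_remote_permission ||=
    begin
      token = x_service_token
      # An empty header value is truthy in Ruby, so a plain nil check lets ""
      # through; treat a blank token exactly like a missing one.
      raise "ip #{request.remote_ip} sent no token" if token.blank?

      perm = nil
      # Deliberately no early exit: every record is visited so the position of
      # the match does not shorten the loop.
      permission_model.all.each do |rp|
        stored = rp.authentication_token
        # A record without a usable token must never authenticate anyone.
        # NOTE(review): constant_time_compare is defined elsewhere; whether it
        # already rejects two empty strings is not visible here - confirm.
        next if stored.blank?

        perm = rp if constant_time_compare(stored, token)
      end
      raise "ip #{request.remote_ip} wrong authentication" unless perm

      # A blank allowed_ip disables the IP check; meant for server clusters
      # that call from many addresses. Such records rely on the token alone.
      # NOTE(review): request.remote_ip is whatever the framework derives for
      # the request; behind proxies, confirm the trusted-proxy configuration.
      raise "ip #{request.remote_ip} not allowed" if !perm.allowed_ip.blank? && request.remote_ip != perm.allowed_ip

      perm
    end
end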