diff options
| author | Marcin Kuzminski <marcin@python-works.com> | 2013-01-04 23:34:53 +0100 |
|---|---|---|
| committer | Marcin Kuzminski <marcin@python-works.com> | 2013-01-04 23:34:53 +0100 |
| commit | 760e3b5c293bf079be4876b7219e63fb9e56485e (patch) | |
| tree | 56473d37f1a0aa764a0ae3d07ef4e6a4e5ff506b /rhodecode/controllers | |
| parent | 629f1538ad4800ff05113516f6a933e2b243f205 (diff) | |
Full IP restrictions enabled
- short cache query for IP for performance
- remove redundant logic
- some small css fixes for login form to better show IP restricted message
--HG--
branch : beta
extra : amend_source : bec698601fe590964ad80b3fb12c0e3385c2c6c4
Diffstat (limited to 'rhodecode/controllers')
| -rw-r--r-- | rhodecode/controllers/api/__init__.py | 10 | ||||
| -rw-r--r-- | rhodecode/controllers/login.py | 7 |
2 files changed, 7 insertions, 10 deletions
diff --git a/rhodecode/controllers/api/__init__.py b/rhodecode/controllers/api/__init__.py index 6dcc79b2..b72cc2a4 100644 --- a/rhodecode/controllers/api/__init__.py +++ b/rhodecode/controllers/api/__init__.py @@ -43,7 +43,7 @@ from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \ HTTPBadRequest, HTTPError from rhodecode.model.db import User -from rhodecode.lib.auth import AuthUser, check_ip_access +from rhodecode.lib.auth import AuthUser from rhodecode.lib.base import _get_ip_addr, _get_access_path from rhodecode.lib.utils2 import safe_unicode @@ -148,17 +148,15 @@ class JSONRPCController(WSGIController): if u is None: return jsonrpc_error(retid=self._req_id, message='Invalid API KEY') + #check if we are allowed to use this IP - allowed_ips = AuthUser.get_allowed_ips(u.user_id) - if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips) is False: - log.info('Access for IP:%s forbidden, ' - 'not in %s' % (ip_addr, allowed_ips)) + auth_u = AuthUser(u.user_id, self._req_api_key, ip_addr=ip_addr) + if not auth_u.ip_allowed: return jsonrpc_error(retid=self._req_id, message='request from IP:%s not allowed' % (ip_addr)) else: log.info('Access for IP:%s allowed' % (ip_addr)) - auth_u = AuthUser(u.user_id, self._req_api_key, ip_addr=ip_addr) except Exception, e: return jsonrpc_error(retid=self._req_id, message='Invalid API KEY') diff --git a/rhodecode/controllers/login.py b/rhodecode/controllers/login.py index 1e75bb49..da9c07f8 100644 --- a/rhodecode/controllers/login.py +++ b/rhodecode/controllers/login.py @@ -54,10 +54,9 @@ class LoginController(BaseController): def index(self): # redirect if already logged in c.came_from = request.GET.get('came_from') - - if self.rhodecode_user.is_authenticated \ - and self.rhodecode_user.username != 'default': - + not_default = self.rhodecode_user.username != 'default' + ip_allowed = self.rhodecode_user.ip_allowed + if self.rhodecode_user.is_authenticated and not_default and ip_allowed: return redirect(url('home')) if request.POST: |