This commit is contained in:
@@ -1,9 +1,9 @@
|
||||
class UsersController < ApplicationController
|
||||
def create
|
||||
return head :unprocessable_entity if request.remote_ip.blank?
|
||||
return head :forbidden if ip_address_banned?
|
||||
|
||||
user = nil
|
||||
|
||||
User.transaction do
|
||||
user = User.create!(inheritance_code: SecureRandom.uuid, role: :guest)
|
||||
attach_ip_address!(user)
|
||||
@@ -15,10 +15,12 @@ class UsersController < ApplicationController
|
||||
end
|
||||
|
||||
def verify
|
||||
return head :unprocessable_entity if request.remote_ip.blank?
|
||||
return head :forbidden if ip_address_banned?
|
||||
|
||||
user = User.find_by(inheritance_code: params[:code])
|
||||
return render json: { valid: false } unless user
|
||||
|
||||
return head :unprocessable_entity if request.remote_ip.blank?
|
||||
return head :forbidden if user.banned?
|
||||
|
||||
attach_ip_address!(user)
|
||||
|
||||
@@ -63,4 +65,11 @@ class UsersController < ApplicationController
|
||||
|
||||
UserIp.create_or_find_by!(user:, ip_address:)
|
||||
end
|
||||
|
||||
def ip_address_banned?
|
||||
ip_address = IpAddress.find_by(ip_address: IPAddr.new(request.remote_ip).hton)
|
||||
return false unless ip_address
|
||||
|
||||
ip_address.banned?
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user