みてるぞ
b47cdc7ad7
#327 #327 #327 #327 Merge remote-tracking branch 'origin/main' into feature/327 #327 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #342
41 lines
936 B
Ruby
41 lines
936 B
Ruby
class ApplicationController < ActionController::API
|
|
before_action :reject_banned_ip_address!
|
|
before_action :authenticate_user
|
|
before_action :reject_banned_user!
|
|
|
|
def current_user = @current_user
|
|
|
|
private
|
|
|
|
def authenticate_user
|
|
code = request.headers['X-Transfer-Code'] || request.headers['HTTP_X_TRANSFER_CODE']
|
|
return if code.blank?
|
|
|
|
@current_user = User.find_by(inheritance_code: code)
|
|
end
|
|
|
|
def bool? key, default: false
|
|
return default if params[key].nil?
|
|
|
|
s = params[key].to_s.strip.downcase
|
|
if default
|
|
!(s.in?(['0', 'false', 'off', 'no']))
|
|
else
|
|
s.in?(['', '1', 'true', 'on', 'yes'])
|
|
end
|
|
end
|
|
|
|
def reject_banned_ip_address!
|
|
ip_address = IpAddress.find_by(ip_address: IPAddr.new(request.remote_ip).hton)
|
|
return unless ip_address&.banned?
|
|
|
|
head :forbidden
|
|
end
|
|
|
|
def reject_banned_user!
|
|
return unless current_user&.banned?
|
|
|
|
head :forbidden
|
|
end
|
|
end
|