Merge pull request #165 from azul/feature/cert-fingerprints

Feature/cert fingerprints

2 files changed, 45 insertions, 0 deletions

diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 73409ef..b6d1d0b 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -3,7 +3,15 @@ class V1::CertsController < ApplicationController
   before_filter :require_login, :unless => :anonymous_certs_allowed?
 
   # GET /cert
+  # deprecated - we actually create a new cert and that can
+  # be reflected in the action. GET /cert will eventually go
+  # away and be replaced by POST /cert
   def show
+    create
+  end
+
+  # POST /cert
+  def create
     @cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
     render text: @cert.to_s, content_type: 'text/plain'
   end
diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
new file mode 100644
index 0000000..377a49c
--- /dev/null
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -0,0 +1,37 @@
+class V1::SmtpCertsController < ApplicationController
+
+  before_filter :require_login
+  before_filter :require_email_account
+  before_filter :fetch_identity
+
+  # POST /1/smtp_cert
+  def create
+    @cert = ClientCertificate.new prefix: current_user.email_address
+    @identity.register_cert(@cert)
+    @identity.save
+    render text: @cert.to_s, content_type: 'text/plain'
+  end
+
+  protected
+
+  #
+  # Filters
+  #
+
+  def require_email_account
+    access_denied unless service_level.provides? 'email'
+  end
+
+  def fetch_identity
+    @identity = current_user.identity
+  end
+
+  #
+  # Helper methods
+  #
+
+  def service_level
+    current_user.effective_service_level
+  end
+
+end