class RoninSecurity

Public Class Methods

enforce(url, request)
# File lib/ronin_security.rb, line 4
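# Asks the authorization service at +url+ whether +request+ is allowed.
#
# Metadata about the incoming request (HTTP method, client IP, target URL
# parts) and the caller-supplied credentials (Token, Device-Token, OTP and
# HumanToken headers) are forwarded as HTTP headers on a single GET to +url+.
# The parsed JSON body of the reply is returned unchanged; the decision itself
# is made by the remote service, not here.
#
# Security notes for maintainers:
# - The bearer token and OTP are forwarded as-is, so +url+ should be an
#   https:// endpoint; this method does not check the scheme.
# - A credential header that is absent is simply not forwarded. The
#   authorization service must treat a missing token as "not authorized".
# - The Token header is forwarded verbatim (including any "Bearer " prefix).
#   An earlier version split on "Bearer " but never used the result.
# - Nothing is written to stdout: request objects and authorization replies
#   do not belong in application logs.
#
# @param url [String] authorization endpoint to query
# @param request [#headers, #remote_ip, #method, #original_url, #original_fullpath]
#   the incoming request being authorized
# @return [Object] parsed JSON reply from the authorization service
# @raise [JSON::ParserError] if a reply body is not valid JSON; callers should
#   treat this as a denial
def self.enforce(url, request)
  incoming = request.headers

  client_ip = request.remote_ip
  if ["::1", "127.0.0.1"].include?(client_ip)
    # Loopback client: substitute the address an external echo service reports
    # for this host. NOTE(review): this puts a third-party call on the
    # authorization path and reports the server's address, not the client's;
    # presumably a development convenience - confirm before production use.
    ip_lookup = HTTParty.get("https://api.ipify.org?format=json")
    client_ip = JSON.parse(ip_lookup.body)["ip"]
  end

  full_url = request.original_url
  full_path = request.original_fullpath
  # Strip the path from the END of the URL. Splitting the URL on the path cuts
  # at the first occurrence, which is wrong for "/" (yields "https:") and for
  # hosts that begin with the path segment (api.example.test + "/api").
  api_base = if full_url.end_with?(full_path)
               full_url[0, full_url.length - full_path.length]
             else
               full_url
             end

  headers = {
    "method" => request.method,
    "ip" => client_ip,
    "api" => api_base,
    "action" => full_path,
    "fullActionPath" => full_url
  }

  # Outgoing header name => incoming header key. Only present values are sent,
  # so a request without a Token header no longer raises NoMethodError here.
  credential_sources = {
    "token" => "HTTP_TOKEN",
    "device_token" => "HTTP_DEVICE_TOKEN",
    "otp" => "HTTP_OTP",
    "humantoken" => "HTTP_HUMANTOKEN"
  }
  credential_sources.each do |outgoing_name, incoming_key|
    value = incoming[incoming_key]
    headers[outgoing_name] = value unless value.nil?
  end

  reply = HTTParty.get(url, :headers => headers)
  JSON.parse(reply.body)
end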