Commit 6104c71ee4dd293ad7c81fb20527f1da0994c158

Authored by Nathanael Jourdane
1 parent 5bb95737

Replace function rateLimitReached() by webservice function auth()

Showing 2 changed files with 42 additions and 50 deletions
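--- a/php/classes/WebServer.php
+++ b/php/classes/WebServer.php
@@ -83,9 +83,7 @@ class WebServer
 private $wsUserMgr;
 private $resultMgr, $myParamsInfoMgr;
 private $dataFileName;
-private $QUERY_TIME_INTERVAL;
-private $MAX_QUERIES;
-private $CLIENTS_ACCESS_PATH;
+private $timeLimitQuery; // Time interval between 2 queries before to ask for a new authentification, in seconds.
 
 function __construct() {
 $this->userID = 'impex';
@@ -93,9 +91,7 @@ class WebServer
 $this->sessionID = $this->userID;
 $this->myParamsInfoMgr = new ParamsInfoMgr();
 $this->resultMgr = new WebResultMgr();
-$this->QUERY_TIME_INTERVAL = 30; // Time interval to limit access, in seconds.
-$this->MAX_QUERIES = 3; // Number of queries allowed in one time interval, per IP.
-$this->CLIENTS_ACCESS_PATH = './clients'; // Path of the file containing clients access counters.
+$this->timeLimitQuery = 30;
 }
 
 protected function init($data) {
@@ -123,44 +119,6 @@ class WebServer
 return array('success' => true, 'vars' => $vars);
 }
 
-// Returns true if the user reached its query limit.
-private function isRateLimitReached() {
-$currentTime = (int)(((new DateTime())->getTimestamp())/$this->QUERY_TIME_INTERVAL);
-$ip = $_SERVER['REMOTE_ADDR'];
-error_log("Client IP: $ip ; Current time: $currentTime\n");
-
-if(file_exists($this->CLIENTS_ACCESS_PATH)) {
-$clients = file_get_contents($this->CLIENTS_ACCESS_PATH);
-$matches = array();
-if(preg_match("/($ip) (\d*) (\d*)/", $clients, $matches, PREG_OFFSET_CAPTURE)) {
-error_log("Found an entry for this IP (". $matches[0][0] . ")\n");
-$lastTime = (int)($matches[2][0]);
-if($currentTime == $lastTime) {
-$count = (int)($matches[3][0]);
-if($count >= $this->MAX_QUERIES) {
-error_log("Same time range and max count value reached: please wait a moment and try again.\n");
-return true;
-} else {
-$count++;
-error_log("Same time range, but max count value not reached yet: incrementing counter (" . ($this->MAX_QUERIES-$count) . "/$this->MAX_QUERIES).\n");
-$clients = substr_replace($clients, $count, $matches[3][1], strlen($matches[3][0]));
-}
-} else {
-error_log("New time range: resetting time entry.");
-$clients = substr_replace($clients, "$ip $currentTime 1", $matches[0][1], strlen($matches[0][0]));
-}
-} else {
-error_log("IP $ip not found: creating new time entry\n");
-$clients = "$clients$ip $currentTime 1\n";
-}
-} else {
-error_log("File not created yet: creating file and new time entry\n");
-$clients = "$ip $currentTime 1\n";
-}
-file_put_contents($this->CLIENTS_ACCESS_PATH, $clients);
-return false;
-}
-
 private function setID(){
 
 $nb_min = 10000;
@@ -590,17 +548,19 @@ class WebServer
 
 return array('success' => true,'ParameterList' => array("UserDefinedParameters"=>$wsParamResult, "LocalDataBaseParameters"=>$locParamResult, "RemoteDataBaseParameters"=>$remoteParamResult));
 }
+
+public function getNewToken() {
+$timeStamp = (new DateTime())->getTimestamp();
+$newToken = md5((int)($timeStamp/30));
+return array('success' => true, 'token' => $newToken);
+}
+
 ///////////////////////////////////////START GET DATASET ///////////////////////////////
 public function getParameter($data) {
 
-if($this->isRateLimitReached()) {
-return array('success' => false, 'message' => 'Rate limit reached. Please try again later.');
-}
-
 $multiParam = false;
 
 $res = $this->init($data);
-
 $resMgr = $this->initUserMgr();
 
 if (!$res['success']){
@@ -610,7 +570,15 @@ class WebServer
 
 $vars = $res['vars'];
 
-if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
+if (!$vars["token"]) {
+return array('success' => false, 'message' => "E01\nAuthentication is required for this webservice.");
+}
+
+if($this->getNewToken()['token'] != $vars["token"]) {
+return array('success' => false, 'message' => "E02\nToken expired. Please authenticate again.");
+}
+
+if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
 if ($this->isSoap) throw new SoapFault("request01","Start time must be higher than stop time");
 else return array('success' => false, 'message' => "Start time must be higher than stop time");
 }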
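Review bot: The token produced by getNewToken() in the fourth hunk is the md5 of the current 30-second window with no server-side secret, so any client can compute a valid value locally and the check added to getParameter() in the last hunk does not authenticate anything; it also hard-codes 30 instead of using `$this->timeLimitQuery`, which the constructor now sets for exactly this purpose. The comparison `!=` is a loose comparison between the computed hex digest and the request value, so numeric-looking strings are type-juggled; `hash_equals($expected, (string)$vars["token"])` (PHP 5.6+) gives a strict, constant-time check. `!$vars["token"]` raises an undefined-index notice when the parameter is absent unless init() guarantees the key, so `empty($vars["token"])` is the safer guard. A token issued in the last second of a window is rejected one second later, which may be intended but deserves a comment. getParameter() continues outside the hunk.

```php
public function getNewToken() {
    $window = (int)((new DateTime())->getTimestamp() / $this->timeLimitQuery);
    // SERVER_SECRET_PLACEHOLDER: per-deployment key read from server-side config, never from the request
    $newToken = hash_hmac('sha256', (string)$window, SERVER_SECRET_PLACEHOLDER);
    return array('success' => true, 'token' => $newToken);
}
// … unchanged: getParameter() up to the token checks …
if (empty($vars["token"])) {
    return array('success' => false, 'message' => "E01\nAuthentication is required for this webservice.");
}
if (!hash_equals($this->getNewToken()['token'], (string)$vars["token"])) {
    return array('success' => false, 'message' => "E02\nToken expired. Please authenticate again.");
}
```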
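--- /dev/null
+++ b/php/rest/auth.php
@@ -0,0 +1,24 @@
+
+<?php
+
+/**
+ * @file getParameter.php
+ * @brief REST interface for service getParameter
+ *
+ *
+ * @version $Id: $
+ */
+
+require_once '../config.php';
+
+$amda_ws = new WebServer();
+$result = $amda_ws->auth($_GET);
+
+if ($result['success']){
+echo $result['token'];
+}
+else {
+echo $result['message'];
+}
+
+?>
\ No newline at end of file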
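Review bot: Line 15 calls `$amda_ws->auth($_GET)`, but the method this commit adds to WebServer is getNewToken(), and the `token` key read on line 18 is exactly what getNewToken() returns; unless auth() is defined elsewhere, this is a call to an undefined method and `$result = $amda_ws->getNewToken();` looks like the intended line. The file also starts with a blank line before `<?php`, so that newline is sent as response body before any header can be set; the opening tag should be the first byte, and the closing `?>` is unnecessary in a PHP-only file. The docblock still reads `@file getParameter.php` / `@brief REST interface for service getParameter`, copied from another endpoint, and should describe auth.php and the token service it exposes.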