Commit 6104c71ee4dd293ad7c81fb20527f1da0994c158
1 parent
5bb95737
Replace function rateLimitReached() by webservice function auth()
Showing
2 changed files
with
42 additions
and
50 deletions
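--- a/php/classes/WebServer.php
+++ b/php/classes/WebServer.php
@@ -83,9 +83,7 @@ class WebServer
 private $wsUserMgr;
 private $resultMgr, $myParamsInfoMgr;
 private $dataFileName;
-private $QUERY_TIME_INTERVAL;
-private $MAX_QUERIES;
-private $CLIENTS_ACCESS_PATH;
+private $timeLimitQuery; // Time interval between 2 queries before to ask for a new authentification, in seconds.
 
 function __construct() {
 $this->userID = 'impex';
@@ -93,9 +91,7 @@ class WebServer
 $this->sessionID = $this->userID;
 $this->myParamsInfoMgr = new ParamsInfoMgr();
 $this->resultMgr = new WebResultMgr();
-$this->QUERY_TIME_INTERVAL = 30; // Time interval to limit access, in seconds.
-$this->MAX_QUERIES = 3; // Number of queries allowed in one time interval, per IP.
-$this->CLIENTS_ACCESS_PATH = './clients'; // Path of the file containing clients access counters.
+$this->timeLimitQuery = 30;
 }
 
 protected function init($data) {
@@ -123,44 +119,6 @@ class WebServer
 return array('success' => true, 'vars' => $vars);
 }
 
-// Returns true if the user reached its query limit.
-private function isRateLimitReached() {
-$currentTime = (int)(((new DateTime())->getTimestamp())/$this->QUERY_TIME_INTERVAL);
-$ip = $_SERVER['REMOTE_ADDR'];
-error_log("Client IP: $ip ; Current time: $currentTime\n");
-
-if(file_exists($this->CLIENTS_ACCESS_PATH)) {
-$clients = file_get_contents($this->CLIENTS_ACCESS_PATH);
-$matches = array();
-if(preg_match("/($ip) (\d*) (\d*)/", $clients, $matches, PREG_OFFSET_CAPTURE)) {
-error_log("Found an entry for this IP (". $matches[0][0] . ")\n");
-$lastTime = (int)($matches[2][0]);
-if($currentTime == $lastTime) {
-$count = (int)($matches[3][0]);
-if($count >= $this->MAX_QUERIES) {
-error_log("Same time range and max count value reached: please wait a moment and try again.\n");
-return true;
-} else {
-$count++;
-error_log("Same time range, but max count value not reached yet: incrementing counter (" . ($this->MAX_QUERIES-$count) . "/$this->MAX_QUERIES).\n");
-$clients = substr_replace($clients, $count, $matches[3][1], strlen($matches[3][0]));
-}
-} else {
-error_log("New time range: resetting time entry.");
-$clients = substr_replace($clients, "$ip $currentTime 1", $matches[0][1], strlen($matches[0][0]));
-}
-} else {
-error_log("IP $ip not found: creating new time entry\n");
-$clients = "$clients$ip $currentTime 1\n";
-}
-} else {
-error_log("File not created yet: creating file and new time entry\n");
-$clients = "$ip $currentTime 1\n";
-}
-file_put_contents($this->CLIENTS_ACCESS_PATH, $clients);
-return false;
-}
-
 private function setID(){
 
 $nb_min = 10000;
@@ -590,17 +548,19 @@ class WebServer
 
 return array('success' => true,'ParameterList' => array("UserDefinedParameters"=>$wsParamResult, "LocalDataBaseParameters"=>$locParamResult, "RemoteDataBaseParameters"=>$remoteParamResult));
 }
+
+public function getNewToken() {
+$timeStamp = (new DateTime())->getTimestamp();
+$newToken = md5((int)($timeStamp/30));
+return array('success' => true, 'token' => $newToken);
+}
+
 ///////////////////////////////////////START GET DATASET ///////////////////////////////
 public function getParameter($data) {
 
-if($this->isRateLimitReached()) {
-return array('success' => false, 'message' => 'Rate limit reached. Please try again later.');
-}
-
 $multiParam = false;
 
 $res = $this->init($data);
-
 $resMgr = $this->initUserMgr();
 
 if (!$res['success']){
@@ -610,7 +570,15 @@ class WebServer
 
 $vars = $res['vars'];
 
-if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
+if (!$vars["token"]) {
+return array('success' => false, 'message' => "E01\nAuthentication is required for this webservice.");
+}
+
+if($this->getNewToken()['token'] != $vars["token"]) {
+return array('success' => false, 'message' => "E02\nToken expired. Please authenticate again.");
+}
+
+if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
 if ($this->isSoap) throw new SoapFault("request01","Start time must be higher than stop time");
 else return array('success' => false, 'message' => "Start time must be higher than stop time");
 }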
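Review bot: The token produced by `getNewToken()` is `md5((int)($timeStamp/30))`, a function of the current 30-second window alone with no secret or per-client input, so any caller can compute a valid value locally and the check in `getParameter()` does not authenticate anyone; combined with the removal of `isRateLimitReached()` the endpoint now has neither throttling nor a real credential gate. The token should be bound to a server-side secret that is not in this hunk, e.g. `$newToken = hash_hmac('sha256', (string)(int)($timeStamp / $this->timeLimitQuery), $secret);`, which also makes use of the otherwise dead `$this->timeLimitQuery` in place of the literal `30`. The comparison should be constant-time and strict rather than the loose `!=` (which compares numeric-looking strings numerically): `if (!hash_equals($this->getNewToken()['token'], (string)$vars["token"]))`, with the presence check written as `if (empty($vars["token"]))` so a missing key does not raise an undefined-index notice. Note too that a token issued in the last second of a window expires one second later; accepting the previous window as well would avoid spurious `E02` responses. `getParameter()` continues past the end of this hunk.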
... | ... | @@ -0,0 +1,24 @@ |
1 | + | |
2 | +<?php | |
3 | + | |
4 | +/** | |
5 | + * @file getParameter.php | |
6 | + * @brief REST interface for service getParameter | |
7 | + * | |
8 | + * | |
9 | + * @version $Id: $ | |
10 | + */ | |
11 | + | |
12 | + require_once '../config.php'; | |
13 | + | |
14 | + $amda_ws = new WebServer(); | |
15 | + $result = $amda_ws->auth($_GET); | |
16 | + | |
17 | + if ($result['success']){ | |
18 | + echo $result['token']; | |
19 | + } | |
20 | + else { | |
21 | + echo $result['message']; | |
22 | + } | |
23 | + | |
24 | +?> | |
0 | 25 | \ No newline at end of file | ... | ... |
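Review bot: This new REST script calls `$amda_ws->auth($_GET)` and reads `$result['token']`, but the method added to `WebServer` in this commit is `getNewToken()`, not `auth()`; unless `auth()` is defined in a part of the class not shown here, this endpoint fails with an undefined-method error, so either the call or the class should be aligned (`$result = $amda_ws->getNewToken();` takes no arguments in the visible code). The file docblock still says `@file getParameter.php` / `@brief REST interface for service getParameter` and should name the auth service it actually exposes. Both branches `echo` straight to the body with no `Content-Type` header; a `header('Content-Type: text/plain; charset=utf-8');` before the echo keeps clients from sniffing the response, and the trailing `?>` can be dropped from a PHP-only file so stray whitespace cannot corrupt the token.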