Commit 6104c71ee4dd293ad7c81fb20527f1da0994c158
1 parent
5bb95737
Replace function rateLimitReached() by webservice function auth()
Showing
2 changed files
with
42 additions
and
50 deletions
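--- a/php/classes/WebServer.php
+++ b/php/classes/WebServer.php
@@ -83,9 +83,7 @@ class WebServer
     private $wsUserMgr;
     private $resultMgr, $myParamsInfoMgr;
     private $dataFileName;
-    private $QUERY_TIME_INTERVAL;
-    private $MAX_QUERIES;
-    private $CLIENTS_ACCESS_PATH;
+    private $timeLimitQuery; // Time interval between 2 queries before to ask for a new authentification, in seconds.
 
     function __construct() {
         $this->userID = 'impex';
@@ -93,9 +91,7 @@ class WebServer
         $this->sessionID = $this->userID;
         $this->myParamsInfoMgr = new ParamsInfoMgr();
         $this->resultMgr = new WebResultMgr();
-        $this->QUERY_TIME_INTERVAL = 30; // Time interval to limit access, in seconds.
-        $this->MAX_QUERIES = 3; // Number of queries allowed in one time interval, per IP.
-        $this->CLIENTS_ACCESS_PATH = './clients'; // Path of the file containing clients access counters.
+        $this->timeLimitQuery = 30;
     }
 
     protected function init($data) {
@@ -123,44 +119,6 @@ class WebServer
         return array('success' => true, 'vars' => $vars);
     }
 
-    // Returns true if the user reached its query limit.
-    private function isRateLimitReached() {
-        $currentTime = (int)(((new DateTime())->getTimestamp())/$this->QUERY_TIME_INTERVAL);
-        $ip = $_SERVER['REMOTE_ADDR'];
-        error_log("Client IP: $ip ; Current time: $currentTime\n");
-
-        if(file_exists($this->CLIENTS_ACCESS_PATH)) {
-            $clients = file_get_contents($this->CLIENTS_ACCESS_PATH);
-            $matches = array();
-            if(preg_match("/($ip) (\d*) (\d*)/", $clients, $matches, PREG_OFFSET_CAPTURE)) {
-                error_log("Found an entry for this IP (". $matches[0][0] . ")\n");
-                $lastTime = (int)($matches[2][0]);
-                if($currentTime == $lastTime) {
-                    $count = (int)($matches[3][0]);
-                    if($count >= $this->MAX_QUERIES) {
-                        error_log("Same time range and max count value reached: please wait a moment and try again.\n");
-                        return true;
-                    } else {
-                        $count++;
-                        error_log("Same time range, but max count value not reached yet: incrementing counter (" . ($this->MAX_QUERIES-$count) . "/$this->MAX_QUERIES).\n");
-                        $clients = substr_replace($clients, $count, $matches[3][1], strlen($matches[3][0]));
-                    }
-                } else {
-                    error_log("New time range: resetting time entry.");
-                    $clients = substr_replace($clients, "$ip $currentTime 1", $matches[0][1], strlen($matches[0][0]));
-                }
-            } else {
-                error_log("IP $ip not found: creating new time entry\n");
-                $clients = "$clients$ip $currentTime 1\n";
-            }
-        } else {
-            error_log("File not created yet: creating file and new time entry\n");
-            $clients = "$ip $currentTime 1\n";
-        }
-        file_put_contents($this->CLIENTS_ACCESS_PATH, $clients);
-        return false;
-    }
-
     private function setID(){
 
         $nb_min = 10000;
@@ -590,17 +548,19 @@ class WebServer
 
         return array('success' => true,'ParameterList' => array("UserDefinedParameters"=>$wsParamResult, "LocalDataBaseParameters"=>$locParamResult, "RemoteDataBaseParameters"=>$remoteParamResult));
     }
+
+    public function getNewToken() {
+        $timeStamp = (new DateTime())->getTimestamp();
+        $newToken = md5((int)($timeStamp/30));
+        return array('success' => true, 'token' => $newToken);
+    }
+
     ///////////////////////////////////////START GET DATASET ///////////////////////////////
     public function getParameter($data) {
 
-        if($this->isRateLimitReached()) {
-            return array('success' => false, 'message' => 'Rate limit reached. Please try again later.');
-        }
-
         $multiParam = false;
 
         $res = $this->init($data);
-
         $resMgr = $this->initUserMgr();
 
         if (!$res['success']){
@@ -610,7 +570,15 @@ class WebServer
 
         $vars = $res['vars'];
 
-        if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
+        if (!$vars["token"]) {
+            return array('success' => false, 'message' => "E01\nAuthentication is required for this webservice.");
+        }
+
+        if($this->getNewToken()['token'] != $vars["token"]) {
+            return array('success' => false, 'message' => "E02\nToken expired. Please authenticate again.");
+        }
+
+        if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
             if ($this->isSoap) throw new SoapFault("request01","Start time must be higher than stop time");
             else return array('success' => false, 'message' => "Start time must be higher than stop time");
         }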
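Review bot: The token compared at new line 577 is `md5((int)($timeStamp/30))` from getNewToken() (new line 554), which has no secret input, so any client can compute the current token from its own clock and pass the check without ever calling the auth endpoint; this replaces the per-IP counter with a check that neither authenticates nor limits anything. At minimum derive the token from a server-side secret and compare it in constant time, e.g. `$newToken = hash_hmac('sha256', (string)(int)($timeStamp / $this->timeLimitQuery), $secret);` (with `$secret` loaded from configuration rather than the repository, and using the `timeLimitQuery` property this commit introduced instead of the hard-coded 30) and `if (!hash_equals($this->getNewToken()['token'], (string)$vars["token"]))`, which also removes the loose `!=` comparison under which a digest of the form `0e<digits>` compares equal to the string `"0"`. The guard on line 573 should read `if (empty($vars["token"]))` so a request without the key does not raise an undefined-index notice before returning E01. Even with a secret, a freely issued 30-second token does not bound the number of queries per window the way the removed isRateLimitReached() did; if that limit is still wanted it must be enforced by the auth endpoint or carried in the token, neither of which is in this diff, and getParameter()'s body continues past the hunk.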
@@ -0,0 +1,24 @@ | @@ -0,0 +1,24 @@ | ||
1 | + | ||
2 | +<?php | ||
3 | + | ||
4 | +/** | ||
5 | + * @file getParameter.php | ||
6 | + * @brief REST interface for service getParameter | ||
7 | + * | ||
8 | + * | ||
9 | + * @version $Id: $ | ||
10 | + */ | ||
11 | + | ||
12 | + require_once '../config.php'; | ||
13 | + | ||
14 | + $amda_ws = new WebServer(); | ||
15 | + $result = $amda_ws->auth($_GET); | ||
16 | + | ||
17 | + if ($result['success']){ | ||
18 | + echo $result['token']; | ||
19 | + } | ||
20 | + else { | ||
21 | + echo $result['message']; | ||
22 | + } | ||
23 | + | ||
24 | +?> | ||
0 | \ No newline at end of file | 25 | \ No newline at end of file |
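Review bot: The entry point on new line 15 calls `$amda_ws->auth($_GET)`, but the WebServer.php change in this commit adds `getNewToken()` and no `auth()` method, so unless `auth()` already exists elsewhere in WebServer this script fails with an undefined-method error on every request; the call should presumably read `$result = $amda_ws->getNewToken();` (the method takes no arguments). The file also starts with an empty line before `<?php` (new line 1), which is sent to the client as a newline byte ahead of the token, breaking any later `header()` call and any client that compares the response byte-for-byte against the token checked in getParameter(); drop that blank line and the unnecessary closing `?>`. The docblock calls the file `@file getParameter.php` with `@brief REST interface for service getParameter` although the script only issues a token; suggest `@brief REST interface for service auth (returns the current request token)`.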