Commit 6104c71ee4dd293ad7c81fb20527f1da0994c158

Authored by Nathanael Jourdane
1 parent 5bb95737

Replace function rateLimitReached() by webservice function auth()

Showing 2 changed files with 42 additions and 50 deletions   Show diff stats
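--- a/php/classes/WebServer.php
+++ b/php/classes/WebServer.php
@@ -83,9 +83,7 @@ class WebServer
 private $wsUserMgr;
 private $resultMgr, $myParamsInfoMgr;
 private $dataFileName;
-private $QUERY_TIME_INTERVAL;
-private $MAX_QUERIES;
-private $CLIENTS_ACCESS_PATH;
+private $timeLimitQuery; // Time interval between 2 queries before to ask for a new authentification, in seconds.
 
 function __construct() {
 $this->userID = 'impex';
@@ -93,9 +91,7 @@ class WebServer
 $this->sessionID = $this->userID;
 $this->myParamsInfoMgr = new ParamsInfoMgr();
 $this->resultMgr = new WebResultMgr();
-$this->QUERY_TIME_INTERVAL = 30; // Time interval to limit access, in seconds.
-$this->MAX_QUERIES = 3; // Number of queries allowed in one time interval, per IP.
-$this->CLIENTS_ACCESS_PATH = './clients'; // Path of the file containing clients access counters.
+$this->timeLimitQuery = 30;
 }
 
 protected function init($data) {
@@ -123,44 +119,6 @@ class WebServer
 return array('success' => true, 'vars' => $vars);
 }
 
-// Returns true if the user reached its query limit.
-private function isRateLimitReached() {
-$currentTime = (int)(((new DateTime())->getTimestamp())/$this->QUERY_TIME_INTERVAL);
-$ip = $_SERVER['REMOTE_ADDR'];
-error_log("Client IP: $ip ; Current time: $currentTime\n");
-
-if(file_exists($this->CLIENTS_ACCESS_PATH)) {
-$clients = file_get_contents($this->CLIENTS_ACCESS_PATH);
-$matches = array();
-if(preg_match("/($ip) (\d*) (\d*)/", $clients, $matches, PREG_OFFSET_CAPTURE)) {
-error_log("Found an entry for this IP (". $matches[0][0] . ")\n");
-$lastTime = (int)($matches[2][0]);
-if($currentTime == $lastTime) {
-$count = (int)($matches[3][0]);
-if($count >= $this->MAX_QUERIES) {
-error_log("Same time range and max count value reached: please wait a moment and try again.\n");
-return true;
-} else {
-$count++;
-error_log("Same time range, but max count value not reached yet: incrementing counter (" . ($this->MAX_QUERIES-$count) . "/$this->MAX_QUERIES).\n");
-$clients = substr_replace($clients, $count, $matches[3][1], strlen($matches[3][0]));
-}
-} else {
-error_log("New time range: resetting time entry.");
-$clients = substr_replace($clients, "$ip $currentTime 1", $matches[0][1], strlen($matches[0][0]));
-}
-} else {
-error_log("IP $ip not found: creating new time entry\n");
-$clients = "$clients$ip $currentTime 1\n";
-}
-} else {
-error_log("File not created yet: creating file and new time entry\n");
-$clients = "$ip $currentTime 1\n";
-}
-file_put_contents($this->CLIENTS_ACCESS_PATH, $clients);
-return false;
-}
-
 private function setID(){
 
 $nb_min = 10000;
@@ -590,17 +548,19 @@ class WebServer
 
 return array('success' => true,'ParameterList' => array("UserDefinedParameters"=>$wsParamResult, "LocalDataBaseParameters"=>$locParamResult, "RemoteDataBaseParameters"=>$remoteParamResult));
 }
+
+public function getNewToken() {
+$timeStamp = (new DateTime())->getTimestamp();
+$newToken = md5((int)($timeStamp/30));
+return array('success' => true, 'token' => $newToken);
+}
+
 ///////////////////////////////////////START GET DATASET ///////////////////////////////
 public function getParameter($data) {
 
-if($this->isRateLimitReached()) {
-return array('success' => false, 'message' => 'Rate limit reached. Please try again later.');
-}
-
 $multiParam = false;
 
 $res = $this->init($data);
-
 $resMgr = $this->initUserMgr();
 
 if (!$res['success']){
@@ -610,7 +570,15 @@ class WebServer
 
 $vars = $res['vars'];
 
-if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
+if (!$vars["token"]) {
+return array('success' => false, 'message' => "E01\nAuthentication is required for this webservice.");
+}
+
+if($this->getNewToken()['token'] != $vars["token"]) {
+return array('success' => false, 'message' => "E02\nToken expired. Please authenticate again.");
+}
+
+if ((strtotime($vars["stopTime"]) - strtotime($vars["startTime"])) < 0){
 if ($this->isSoap) throw new SoapFault("request01","Start time must be higher than stop time");
 else return array('success' => false, 'message' => "Start time must be higher than stop time");
 }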
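Review bot: The token checked at `if($this->getNewToken()['token'] != $vars["token"])` is the md5 of the current 30-second window number, which contains no secret and is bound to no client, so any caller can compute it locally; the commit removes the IP-based rate limiter, but the replacement neither authenticates nor limits anything. At minimum derive the token from a server-side secret and compare it in constant time, e.g. `$newToken = hash_hmac('sha256', (string)(int)($timeStamp / $this->timeLimitQuery), $serverSecret);` and `if (!isset($vars["token"]) || !hash_equals($this->getNewToken()['token'], (string)$vars["token"]))`, which also replaces the `!$vars["token"]` truthiness test that raises an undefined-index notice when the key is absent. `$this->timeLimitQuery` is set to 30 in the constructor but `getNewToken()` hard-codes `/30`, so the two can silently drift apart. A client that fetches a token just before a window boundary is rejected on its next call with "Token expired"; if that is intended, document it on `getNewToken()`, otherwise also accept the previous window. The body of getParameter continues outside the hunk.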
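--- /dev/null
+++ b/php/rest/auth.php
@@ -0,0 +1,24 @@
+
+<?php
+
+/**
+ * @file getParameter.php
+ * @brief REST interface for service getParameter
+ *
+ *
+ * @version $Id: $
+ */
+
+ require_once '../config.php';
+
+ $amda_ws = new WebServer();
+ $result = $amda_ws->auth($_GET);
+
+ if ($result['success']){
+ echo $result['token'];
+ }
+ else {
+ echo $result['message'];
+ }
+
+?>
\ No newline at end of file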
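Review bot: `$amda_ws->auth($_GET)` calls a method this commit does not add — the new `WebServer` method is `getNewToken()` — so unless `auth()` is defined elsewhere the endpoint fails with an undefined-method error; either call `getNewToken()` here or add a public `auth()` entry point to the class. The blank line before `<?php` and the closing `?>` emit stray whitespace around the echoed token, so a client parsing the response receives `"\n<token>"` rather than the bare token; drop both. The header block is copied from getParameter.php (`@file getParameter.php`, `@brief REST interface for service getParameter`) and should read `@file auth.php` / `@brief REST interface for service auth`.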