
Commit 3917372

committed
Rebased code created by @lagaisse
Closes chriskacerguis#510
1 parent 877447c commit 3917372


2 files changed

+52
-13
lines changed


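--- a/application/config/rest.php
+++ b/application/config/rest.php
@@ -270,7 +270,7 @@
 | `id` INT(11) NOT NULL AUTO_INCREMENT,
 | `key` VARCHAR(40) NOT NULL,
 | `level` INT(2) NOT NULL,
-| `ignore_limits` TINY(1) NOT NULL DEFAULT '0',
+| `ignore_limits` TINYINT(1) NOT NULL DEFAULT '0',
 | `is_private_key` TINYINT(1) NOT NULL DEFAULT '0',
 | `ip_addresses` TEXT NULL DEFAULT NULL,
 | `date_created` INT(11) NOT NULL,
@@ -291,6 +291,21 @@
 */
 $config['rest_key_column'] = 'key';
 
+/*
+|--------------------------------------------------------------------------
+| REST API Limits method
+|--------------------------------------------------------------------------
+|
+| Specify the method used to limit the API calls
+|
+| Available methods are :
+| $config['rest_limits_method'] = 'API_KEY'; // Put a limit per api key
+| $config['rest_limits_method'] = 'METHOD_NAME'; // Put a limit on method calls
+| $config['rest_limits_method'] = 'ROUTED_URL'; // Put a limit on the routed URL
+|
+*/
+$config['rest_limits_method'] = 'ROUTED_URL';
+
 /*
 |--------------------------------------------------------------------------
 | REST Key Length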
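Review bot: The new "REST API Limits method" comment lists the three values but does not say which entry of `$this->methods` supplies the limit in each mode. In REST_Controller.php the `API_KEY` case sets `$limited_method_name` to the key itself, so the limit is read from `$this->methods[<api key>]['limit']`, while the other two modes index by controller method name. I would add a line such as `| 'API_KEY' reads its limit from $this->methods[<api key>]['limit']`. It would also help to state that the default `ROUTED_URL` keeps one counter per routed URL and HTTP method, so the configured limit does not cap the total number of calls a key can make to a controller method.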

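--- a/application/libraries/REST_Controller.php
+++ b/application/libraries/REST_Controller.php
@@ -1033,36 +1033,60 @@ protected function _log_request($authorized = FALSE)
 protected function _check_limit($controller_method)
 {
 // They are special, or it might not even have a limit
-if (empty($this->rest->ignore_limits) === FALSE || isset($this->methods[$controller_method]['limit']) === FALSE)
+if (empty($this->rest->ignore_limits) === FALSE)
 {
 // Everything is fine
 return TRUE;
 }
 
-// How many times can you get to this method in a defined time_limit (default: 1 hour)?
-$limit = $this->methods[$controller_method]['limit'];
+switch ($this->config->item('rest_limits_method'))
+{
+case 'API_KEY':
+$limited_uri = 'api-key:' . (isset($this->rest->key) ? $this->rest->key : '');
+$limited_method_name = isset($this->rest->key) ? $this->rest->key : '';
+break;
+
+case 'METHOD_NAME':
+$limited_uri = 'method-name:' . $controller_method;
+$limited_method_name = $controller_method;
+break;
+
+case 'ROUTED_URL':
+default:
+$limited_uri = $this->uri->ruri_string();
+if (strpos(strrev($limited_uri), strrev($this->response->format)) === 0)
+{
+$limited_uri = substr($limited_uri,0, -strlen($this->response->format) - 1);
+}
+$limited_uri = 'uri:' . $limited_uri . ':' . $this->request->method; // It's good to differentiate GET from PUT
+$limited_method_name = $controller_method;
+break;
+}
 
-$uri_noext = $this->uri->uri_string();
-if (strpos(strrev($this->uri->uri_string()), strrev($this->response->format)) === 0)
+if (isset($this->methods[$limited_method_name]['limit']) === FALSE )
 {
-$uri_noext = substr($this->uri->uri_string(),0, -strlen($this->response->format) - 1);
+// Everything is fine
+return TRUE;
 }
 
+// How many times can you get to this method in a defined time_limit (default: 1 hour)?
+$limit = $this->methods[$limited_method_name]['limit'];
+
+$timelimit = (isset($this->methods[$limited_method_name]['time']) ? $this->methods[$limited_method_name]['time'] : 3600); // 3600 = 60 * 60
+
 // Get data about a keys' usage and limit to one row
 $result = $this->rest->db
-->where('uri', $uri_noext)
+->where('uri', $limited_uri)
 ->where('api_key', $this->rest->key)
 ->get($this->config->item('rest_limits_table'))
 ->row();
 
-$time_limit = (isset($this->methods[$controller_method]['time']) ? $this->methods[$controller_method]['time'] : 3600);
-
 // No calls have been made for this key
 if ($result === NULL)
 {
 // Create a new row for the following key
 $this->rest->db->insert($this->config->item('rest_limits_table'), [
-'uri' => $this->uri->uri_string(),
+'uri' => $limited_uri,
 'api_key' => isset($this->rest->key) ? $this->rest->key : '',
 'count' => 1,
 'hour_started' => time()
@@ -1074,7 +1098,7 @@ protected function _check_limit($controller_method)
 {
 // Reset the started period and count
 $this->rest->db
-->where('uri', $uri_noext)
+->where('uri', $limited_uri)
 ->where('api_key', isset($this->rest->key) ? $this->rest->key : '')
 ->set('hour_started', time())
 ->set('count', 1)
@@ -1092,7 +1116,7 @@ protected function _check_limit($controller_method)
 
 // Increase the count by one
 $this->rest->db
-->where('uri', $uri_noext)
+->where('uri', $limited_uri)
 ->where('api_key', $this->rest->key)
 ->set('count', 'count + 1', FALSE)
 ->update($this->config->item('rest_limits_table'));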
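Review bot: The assignment added at new line 1075 names the variable `$timelimit`, while the line it replaces (old 1058) defined `$time_limit`. The period check that consumes this value sits between the first and second hunks and is not shown; if it still reads `$time_limit`, that variable is now undefined and the reset branch would probably run on every request, so the counter would never reach the limit. Keeping the original name avoids this: `$time_limit = (isset($this->methods[$limited_method_name]['time']) ? $this->methods[$limited_method_name]['time'] : 3600);`. Separately, in the `API_KEY` case a request without a key gets `$limited_method_name = ''`, so the `isset(...['limit'])` guard returns TRUE and the call is not limited at all, which deserves an explicit decision and a comment. `_check_limit()` continues outside the hunks shown.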
