projects
/
freeside.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a2408d6
)
webservice infrastructure, RT#33849
author
Ivan Kohler
<ivan@freeside.biz>
Sat, 26 Mar 2016 21:37:37 +0000
(14:37 -0700)
committer
Ivan Kohler
<ivan@freeside.biz>
Sat, 26 Mar 2016 21:37:37 +0000
(14:37 -0700)
FS/FS/ClientAPI/Freeside.pm
patch
|
blob
|
history
diff --git
a/FS/FS/ClientAPI/Freeside.pm
b/FS/FS/ClientAPI/Freeside.pm
index
90fa550
..
dcd3ed6
100644
(file)
--- a/
FS/FS/ClientAPI/Freeside.pm
+++ b/
FS/FS/ClientAPI/Freeside.pm
@@
-8,7
+8,7
@@
use FS::svc_external;
use FS::webservice_log;
#$DEBUG = 0;
use FS::webservice_log;
#$DEBUG = 0;
-#$me = '[FS::ClientAPI:
:PrepaidPhon
e]';
+#$me = '[FS::ClientAPI:
Freesid
e]';
# inputs:
# support-key
# inputs:
# support-key
@@
-17,6
+17,7
@@
use FS::webservice_log;
#
# returns:
# error (empty, or error message)
#
# returns:
# error (empty, or error message)
+# custnum
sub freesideinc_service {
my $packet = shift;
sub freesideinc_service {
my $packet = shift;
@@
-36,8
+37,12
@@
sub freesideinc_service {
'_password' => $_password,
},
'extra_sql' => "AND svcpart = $svcpart",
'_password' => $_password,
},
'extra_sql' => "AND svcpart = $svcpart",
- })
- or return { 'error' => 'bad support-key' };
+ });
+ unless ( $svc_external ) {
+ warn "bad support-key for $username from $ENV{REMOTE_IP}\n";
+ sleep 5; #ideally also rate-limit and eventually ban their IP
+ return { 'error' => 'bad support-key' };
+ }
#XXX check if some customers can use some API calls, rate-limiting, etc.
# but for now, everybody can use everything
#XXX check if some customers can use some API calls, rate-limiting, etc.
# but for now, everybody can use everything