mirror of
https://github.com/cydrobolt/polr.git
synced 2024-09-19 15:11:40 +02:00
Merge pull request #320 from cydrobolt/api_fixes_quota
API bugfixes & add anonymous API quota setting
This commit is contained in:
Chaoyi Zha
GitHub
commit
4286d209d5
@ -20,10 +20,7 @@ class ApiHelper {
|
||||
$api_quota = $user->api_quota;
|
||||
}
|
||||
else {
|
||||
// TODO add option to change default quota for anonymous
|
||||
// API users
|
||||
|
||||
$api_quota = 5;
|
||||
$api_quota = env('SETTING_ANON_API_QUOTA') ?: 5;
|
||||
}
|
||||
|
||||
$links_last_minute = Link::where('is_api', 1)
|
||||
|
||||
@ -12,6 +12,10 @@ class ApiAnalyticsController extends ApiController {
|
||||
$user = $request->user;
|
||||
$response_type = $request->input('response_type') ?: 'json';
|
||||
|
||||
if ($user->anonymous) {
|
||||
throw new ApiException('AUTH_ERROR', 'Anonymous access of this API is not permitted.', 401, $response_type);
|
||||
}
|
||||
|
||||
if ($response_type != 'json') {
|
||||
throw new ApiException('JSON_ONLY', 'Only JSON-encoded data is available for this endpoint.', 401, $response_type);
|
||||
}
|
||||
|
||||
@ -118,6 +118,7 @@ class SetupController extends Controller {
|
||||
$st_base = $request->input('setting:base');
|
||||
$st_auto_api_key = $request->input('setting:auto_api_key');
|
||||
$st_anon_api = $request->input('setting:anon_api');
|
||||
$st_anon_api_quota = $request->input('setting:anon_api_quota');
|
||||
$st_pseudor_ending = $request->input('setting:pseudor_ending');
|
||||
$st_adv_analytics = $request->input('setting:adv_analytics');
|
||||
|
||||
@ -171,6 +172,7 @@ class SetupController extends Controller {
|
||||
'ST_BASE' => $st_base,
|
||||
'ST_AUTO_API' => $st_auto_api_key,
|
||||
'ST_ANON_API' => $st_anon_api,
|
||||
'ST_ANON_API_QUOTA' => $st_anon_api_quota,
|
||||
'ST_PSEUDOR_ENDING' => $st_pseudor_ending,
|
||||
'ST_ADV_ANALYTICS' => $st_adv_analytics,
|
||||
|
||||
|
||||
@ -23,7 +23,8 @@ class ApiMiddleware {
|
||||
throw new ApiException('AUTH_ERROR', 'Authentication token required.', 401, $response_type);
|
||||
}
|
||||
$user = (object) [
|
||||
'username' => $username
|
||||
'username' => $username,
|
||||
'anonymous' => true
|
||||
];
|
||||
}
|
||||
else {
|
||||
@ -33,9 +34,10 @@ class ApiMiddleware {
|
||||
->first();
|
||||
|
||||
if (!$user) {
|
||||
throw new ApiException('AUTH_ERROR', 'Authentication token required.', 401, $response_type);
|
||||
throw new ApiException('AUTH_ERROR', 'Authentication token invalid.', 401, $response_type);
|
||||
}
|
||||
$username = $user->username;
|
||||
$user->anonymous = false;
|
||||
}
|
||||
|
||||
$api_limit_reached = ApiHelper::checkUserApiQuota($username);
|
||||
|
||||
@ -38,6 +38,7 @@ input.api-quota {
|
||||
width: 9em;
|
||||
font-size: .85em;
|
||||
height: .85em;
|
||||
padding-left: 0.8em;
|
||||
}
|
||||
|
||||
.wrap-text {
|
||||
|
||||
@ -1,3 +1,13 @@
|
||||
polr.directive('setupTooltip', function() {
|
||||
return {
|
||||
scope: {
|
||||
content: '@',
|
||||
},
|
||||
replace: true,
|
||||
template: '<button data-content="{{ content }}" type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>'
|
||||
}
|
||||
})
|
||||
|
||||
polr.controller('SetupCtrl', function($scope) {
|
||||
$scope.init = function () {
|
||||
$('[data-toggle="popover"]').popover({
|
||||
|
||||
@ -71,6 +71,9 @@ SETTING_AUTO_API={{$ST_AUTO_API}}
|
||||
# Set to true to allow anonymous API access
|
||||
SETTING_ANON_API={{$ST_ANON_API}}
|
||||
|
||||
# Set the anonymous API quota per IP
|
||||
SETTING_ANON_API_QUOTA={{$ST_ANON_API_QUOTA}}
|
||||
|
||||
# Set to true to use pseudorandom strings rather than using a counter by default
|
||||
SETTING_PSEUDORANDOM_ENDING={{$ST_PSEUDOR_ENDING}}
|
||||
|
||||
|
||||
@ -39,7 +39,7 @@ Setup
|
||||
|
||||
<p>
|
||||
Database Name:
|
||||
<button data-content="Name of existing database. You must create the Polr database manually." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="Name of existing database. You must create the Polr database manually."></setup-tooltip>
|
||||
</p>
|
||||
<input type='text' class='form-control' name='db:name' value='polr'>
|
||||
|
||||
@ -85,7 +85,7 @@ Setup
|
||||
|
||||
<p>
|
||||
Redirect URL:
|
||||
<button data-content="Required if you wish to redirect the index page or 404s to a different website. To use Polr, login by directly heading to yoursite.com/login first." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="Required if you wish to redirect the index page or 404s to a different website. To use Polr, login by directly heading to yoursite.com/login first."></setup-tooltip>
|
||||
</p>
|
||||
<input type='text' class='form-control' name='setting:index_redirect' placeholder='http://your-main-site.com'>
|
||||
<p class='text-muted'>
|
||||
@ -96,7 +96,7 @@ Setup
|
||||
|
||||
<p>
|
||||
Default URL Ending Type:
|
||||
<button data-content="If you choose to use pseudorandom strings, you will not have the option to use a counter-based ending." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="If you choose to use pseudorandom strings, you will not have the option to use a counter-based ending."></setup-tooltip>
|
||||
</p>
|
||||
<select name='setting:pseudor_ending' class='form-control'>
|
||||
<option value='false' selected='selected'>Use base62 or base32 counter (shorter but more predictable, e.g 5a)</option>
|
||||
@ -105,7 +105,7 @@ Setup
|
||||
|
||||
<p>
|
||||
URL Ending Base:
|
||||
<button data-content="This will have no effect if you choose to use pseudorandom endings." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="This will have no effect if you choose to use pseudorandom endings."></setup-tooltip>
|
||||
</p>
|
||||
<select name='setting:base' class='form-control'>
|
||||
<option value='32' selected='selected'>32 -- lowercase letters & numbers (default)</option>
|
||||
@ -114,7 +114,7 @@ Setup
|
||||
|
||||
<h4>
|
||||
Admin Account Settings
|
||||
<button data-content="These credentials will be used for your admin account in Polr." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="These credentials will be used for your admin account in Polr."></setup-tooltip>
|
||||
</h4>
|
||||
|
||||
<p>Admin Username:</p>
|
||||
@ -128,7 +128,7 @@ Setup
|
||||
|
||||
<h4>
|
||||
SMTP Settings
|
||||
<button data-content="Required only if the email verification or password recovery features are enabled." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="Required only if the email verification or password recovery features are enabled."></setup-tooltip>
|
||||
</h4>
|
||||
|
||||
<p>SMTP Server:</p>
|
||||
@ -156,6 +156,12 @@ Setup
|
||||
<option value='true'>On -- empty key API requests are allowed</option>
|
||||
</select>
|
||||
|
||||
<p>
|
||||
Anonymous API Quota:
|
||||
<setup-tooltip content="API quota for non-authenticated users per minute per IP."></setup-tooltip>
|
||||
</p>
|
||||
<input type='text' class='form-control' name='setting:anon_api_quota' placeholder='10'>
|
||||
|
||||
<p>Automatic API Assignment:</p>
|
||||
<select name='setting:auto_api_key' class='form-control'>
|
||||
<option selected value='false'>Off -- admins must manually enable API for each user</option>
|
||||
@ -166,7 +172,7 @@ Setup
|
||||
|
||||
<p>
|
||||
Registration:
|
||||
<button data-content="Enabling registration allows any user to create an account." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="Enabling registration allows any user to create an account."></setup-tooltip>
|
||||
</p>
|
||||
<select name='setting:registration_permission' class='form-control'>
|
||||
<option value='none'>Registration disabled</option>
|
||||
@ -176,7 +182,7 @@ Setup
|
||||
|
||||
<p>
|
||||
Restrict Registration Email Domains:
|
||||
<button data-content="Restrict registration to certain email domains." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="Restrict registration to certain email domains."></setup-tooltip>
|
||||
</p>
|
||||
<select name='setting:restrict_email_domain' class='form-control'>
|
||||
<option value='false'>Allow any email domain to register</option>
|
||||
@ -185,13 +191,13 @@ Setup
|
||||
|
||||
<p>
|
||||
Permitted Email Domains:
|
||||
<button data-content="A comma-separated list of emails permitted to register." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="A comma-separated list of emails permitted to register."></setup-tooltip>
|
||||
</p>
|
||||
<input type='text' class='form-control' name='setting:allowed_email_domains' placeholder='company.com,company-corp.com'>
|
||||
|
||||
<p>
|
||||
Password Recovery:
|
||||
<button data-content="Password recovery allows users to reset their password through email." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
|
||||
<setup-tooltip content="Password recovery allows users to reset their password through email."></setup-tooltip>
|
||||
</p>
|
||||
<select name='setting:password_recovery' class='form-control'>
|
||||
<option value='false'>Password recovery disabled</option>
|
||||
@ -201,9 +207,6 @@ Setup
|
||||
Please ensure SMTP is properly set up before enabling password recovery.
|
||||
</p>
|
||||
|
||||
{{-- <p>Path relative to root (leave blank if /, if http://site.com/polr, then write /polr/):</p>
|
||||
<input type='text' class='form-control' name='path' placeholder='/polr/' value=''> --}}
|
||||
|
||||
<p>Theme (<a href='https://github.com/cydrobolt/polr/wiki/Themes-Screenshots'>screenshots</a>):</p>
|
||||
<select name='app:stylesheet' class='form-control'>
|
||||
<option value=''>Modern (default)</option>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user