Python TwilioAPI安全_Python_Api_Twilio_Fail2ban - Fatal编程技术网

Python TwilioAPI安全


我用 Python 实现了 Twilio 的接入，代码如下：

# Flask application object; the route decorators further down register on it.
app = Flask(__name__)
# Called with no options, so flask-cors applies its defaults to every route.
# NOTE(review): confirm which origins really need access and pass them explicitly.
CORS(app)
app.config.from_object('app_config')
# NOTE(review): the key is empty in this listing (possibly blanked for posting).
# Flask signs session cookies with it, so a deployment needs a long random
# value loaded from outside the source tree.
app.secret_key = ''

# Presumably the Twilio REST client; `sid` and `token` are defined outside
# this excerpt.
client = Client(sid, token)

# Limits declared through this object are bucketed by key_func unless a route
# overrides it. With get_remote_address the bucket is the caller's IP address,
# so a caller who switches IP starts again with a fresh quota.
limiter = Limiter(
    app,
    key_func=get_remote_address,
    default_limits=["5 per day", "1 per second"],
)


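    @app.route("/start", methods=["POST"])
    @limiter.limit("3 per day")
    # Second bucket, keyed by the destination number instead of the caller's IP:
    # switching IP no longer buys more messages to the same phone. A per-account
    # key would need the identity that requires_auth establishes, which this
    # excerpt does not show.
    @limiter.limit(
        "3 per day",
        key_func=lambda: "to:+{}{}".format(
            request.values.get("c"), request.values.get("n")
        ),
    )
    @requires_auth
    def start():
        """Start a Twilio Verify verification for the number in the request.

        Reads the country code (``c``), national number (``n``) and delivery
        channel (``v``) from the request values and asks the Verify service
        configured as ``VERIFY_SERVICE_SID`` to send a code.

        Returns:
            A JSON response with ``success`` and ``message`` fields.
        """
        # The Agent header is supplied by the client, so it can be copied from
        # any valid request; it filters stray traffic but identifies no one.
        if agent_check(request.headers['Agent']) == False:
            return jsonify(success=False, message="Hey!Why are you here.")

        country_code = request.values.get("c")
        phone_number = request.values.get("n")
        chan = request.values.get("v")
        service_sid = app.config['VERIFY_SERVICE_SID']
        keep_log()

        # Reject incomplete requests before they reach Twilio, as check() does;
        # otherwise the destination would be built as "+NoneNone".
        if not country_code or not phone_number or not chan:
            return jsonify(success=False, message="Wrong parameters")

        full_phone = "+{}{}".format(country_code, phone_number)
        try:
            verification = client.verify \
                .services(service_sid) \
                .verifications \
                .create(to=full_phone, channel=chan)
        except Exception:
            # The exception text may carry provider-side detail; keep it in the
            # server log and give the client a fixed message.
            app.logger.exception("Verify request failed in start()")
            return jsonify(success=False, message="Error sending verification")
        return jsonify(
            success=True,
            message="Verification sent to {}".format(verification.to),
        )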



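@app.route("/check", methods=["POST"])
@limiter.limit("3 per day")
# Second bucket, keyed by the number being verified instead of the caller's IP,
# so code guesses against one number are capped even when the caller changes
# IP between attempts.
@limiter.limit(
    "3 per day",
    key_func=lambda: "to:+{}{}".format(
        request.values.get("c"), request.values.get("n")
    ),
)
@requires_auth
def check():
    """Check a verification code against Twilio Verify.

    Reads the country code (``c``), national number (``n``) and submitted
    code (``vc``) from the request values and asks the Verify service
    configured as ``VERIFY_SERVICE_SID`` whether the code is valid.

    Returns:
        A JSON response with ``success`` and ``message`` fields.
    """
    # The Agent header is supplied by the client, so it can be copied from
    # any valid request; it filters stray traffic but identifies no one.
    if agent_check(request.headers['Agent']) == False:
        return jsonify(success=False, message="Hey!Why are you here.")

    country_code = request.values.get("c")
    phone_number = request.values.get("n")
    code = request.values.get("vc")

    # "v" is not used below, but the handler has always required it, so the
    # requirement stays for existing clients. "vc" is now required as well:
    # without it the code sent to Twilio would be None.
    if (
        not country_code
        or not request.values.get("v")
        or not phone_number
        or not code
    ):
        return jsonify(success=False, message="Wrong parameters")

    full_phone = "+{}{}".format(country_code, phone_number)
    service_sid = app.config['VERIFY_SERVICE_SID']
    keep_log()
    try:
        result = client.verify \
            .services(service_sid) \
            .verification_checks \
            .create(to=full_phone, code=code)
    except Exception:
        # The exception text may carry provider-side detail; keep it in the
        # server log and give the client a fixed message.
        app.logger.exception("Verify request failed in check()")
        return jsonify(success=False, message="Error checking verification")

    if result.status == "approved":
        return jsonify(success=True, message="Valid token.")
    return jsonify(success=False, message="Invalid token.")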
语音呼叫和短信都能正常工作。我还用 Flask 的速率限制器限制 API 调用，并配合 fail2ban，把每天的调用次数限制在最多 3 次。但黑客在触发限制后，会换用不同的 IP（设备仍是同一台）继续调用这个 API。我该如何真正做到按单个用户限制 API 调用？