[Piwik-hackers] Separate controller for API calls?
Matthieu Aubry
matthieu.aubry at gmail.com
Wed Jul 23 00:39:08 CEST 2008
Why do you IP restrict when you could use the token_auth restriction?
px wrote:
> ++to a different controller for API
>
> Daniel Blanco wrote:
>
>> Hi!
>> I think it would be nice if the API calls were made against a different
>> controller than index.php, in the same way the tracking js sends the
>> tracking info to piwik.php.
>> For example, having a separate file like api.php, will allow us to
>> restrict the backend access to a certain IP address, but still permit
>> the API calls to be made from any IP.
>>
>> What I've done to solve this is to create a "proxy" that recieves the
>> API calls and forwards them to the index.php which is locked by the
>> .htacces and only accepts
>> requests from localhost, while that "proxy" accepts connections from
>> everywhere.
>>
>> What do you think? Is a good or bad idea?
>>
>> Thanks for this great tool that is helping us a lot with stats!!
>>
>> Dani
>> _______________________________________________
>> Piwik-hackers mailing list
>> Piwik-hackers at piwik.org
>> http://lists.piwik.org/cgi-bin/mailman/listinfo/piwik-hackers
>>
>>
>
> _______________________________________________
> Piwik-hackers mailing list
> Piwik-hackers at piwik.org
> http://lists.piwik.org/cgi-bin/mailman/listinfo/piwik-hackers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.piwik.org/pipermail/piwik-hackers/attachments/20080722/0c8c1e6b/attachment.htm
More information about the Piwik-hackers
mailing list