From 2e1ae56054c0dfec582dee919f2fed4dbb9fc8a2 Mon Sep 17 00:00:00 2001
From: ldestailleur <eldy@destailleur.fr>
Date: Mon, 28 Jul 2025 12:05:25 +0200
Subject: [PATCH] Add API_COUNTER_ENABLED to track pb with api abuse.

---
 htdocs/api/class/api_access.class.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php
index 6a81b2e5975..3b67800e9fd 100644
--- a/htdocs/api/class/api_access.class.php
+++ b/htdocs/api/class/api_access.class.php
@@ -182,7 +182,7 @@ class DolibarrApiAccess implements iAuthenticate
 			}
 
 			// Check if user status is enabled
-			if ($fuser->statut != $fuser::STATUS_ENABLED) {
+			if ($fuser->status != $fuser::STATUS_ENABLED) {
 				// Status is disabled
 				dol_syslog("functions_isallowed::check_user_api_key Authentication KO for '".$login."': The user has been disabled", LOG_NOTICE);
 				sleep(1); // Anti brute force protection. Must be same delay when user and password are not valid.
@@ -205,6 +205,14 @@ class DolibarrApiAccess implements iAuthenticate
 				throw new RestException(401, $genericmessageerroruser);
 			}
 
+			// TODO
+			// Increase counter of API access
+			if (getDolGlobalString('API_COUNTER_ENABLED')) {
+				include DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
+				dolibarr_set_const($this->db, 'API_COUNTER_COUNT', getDolGlobalInt('API_COUNTER_COUNT') + 1);
+				//var_dump('eeee');exit;
+			}
+
 			// User seems valid
 			$fuser->loadRights();