radzhome · January 27, 2017 16:52
diff --git a/routes.py snippet b/routes.py snippet
 @your_app.route('/maxmind_alert', methods=['GET'])
 def post_maxmind_alert():
    """
    Get maxmind alerts
    https://www.maxmind.com/en/alert_url
    CARDER_EMAIL Email on order was flagged as high-risk email, as it was associated with another high-risk order
    HIGH_RISK_IP IP address has been marked as a high-risk IP
    HOSTING_PROVIDER IP is from High Risk Hosting Provider
    POSTAL_VELOCITY	IP address had high velocity of orders (e.g. different zipcodes on same IP address)
    UPDATED_INFORMATION	The transaction would be rated as higher risk based on updated information or analysis

    e.g.
    curl 'http://localhost:11082/maxmind_alert?i=24.24.24.24&maxmindID=1234ABCD&domain=sample.com&city=Anytown
    &region=CA&country=US&date=January+1,+1970&txnID=foo123&reason=IP+address+has+bee+marked+as+a+high-risk+IP
    &reason_code=HIGH_RISK_IP&minfraud_id=2afb0d26-e3b4-4624-8e66-fd10e64b95df'
    """
    # Allowed IPs where this request would come from
    minfraud_ips = ('158.85.196.194'
                    '158.85.196.195',
                    '173.193.250.109',
                    '173.193.250.125',
                    '173.193.250.99',
                    '198.11.246.5',
                    '2607:f0d0:2102:158::2',
                    '2607:f0d0:2102:158::3',
                    '2607:f0d0:3004:3e::',
                    '2607:f0d0:3004:3e::a',
                    '2607:f0d0:3004:3e::b',
                    '2607:f0d0:3005:fe::2')

    if str(request.remote_addr) not in minfraud_ips:
        # Probably want to block these calls
        logging.error("Not coming from minFraud")

    ip_address = request.args.get('i')
    maxmind_id = request.args.get('maxmindID')
    domain = request.args.get('domain')
    city = request.args.get('city')
    region = request.args.get('region')
    country = request.args.get('country')
    date = request.args.get('date')
    txn_id = request.args.get('txnID')  # order id
    reason = request.args.get('reason')
    minfraud_id = request.args.get('minfraud_id')

    return jsonify(ip=request.remote_addr, users_id=ip_address, tx_id=txn_id, reason=reason), 200
	@your_app.route('/maxmind_alert', methods=['GET'])
	def post_maxmind_alert():
	"""
	Get maxmind alerts
	https://www.maxmind.com/en/alert_url
	CARDER_EMAIL Email on order was flagged as high-risk email, as it was associated with another high-risk order
	HIGH_RISK_IP IP address has been marked as a high-risk IP
	HOSTING_PROVIDER IP is from High Risk Hosting Provider
	POSTAL_VELOCITY IP address had high velocity of orders (e.g. different zipcodes on same IP address)
	UPDATED_INFORMATION The transaction would be rated as higher risk based on updated information or analysis

	e.g.
	curl 'http://localhost:11082/maxmind_alert?i=24.24.24.24&maxmindID=1234ABCD&domain=sample.com&city=Anytown
	&region=CA&country=US&date=January+1,+1970&txnID=foo123&reason=IP+address+has+bee+marked+as+a+high-risk+IP
	&reason_code=HIGH_RISK_IP&minfraud_id=2afb0d26-e3b4-4624-8e66-fd10e64b95df'
	"""
	# Allowed IPs where this request would come from
	minfraud_ips = ('158.85.196.194'
	'158.85.196.195',
	'173.193.250.109',
	'173.193.250.125',
	'173.193.250.99',
	'198.11.246.5',
	'2607:f0d0:2102:158::2',
	'2607:f0d0:2102:158::3',
	'2607:f0d0:3004:3e::',
	'2607:f0d0:3004:3e::a',
	'2607:f0d0:3004:3e::b',
	'2607:f0d0:3005:fe::2')

	if str(request.remote_addr) not in minfraud_ips:
	# Probably want to block these calls
	logging.error("Not coming from minFraud")

	ip_address = request.args.get('i')
	maxmind_id = request.args.get('maxmindID')
	domain = request.args.get('domain')
	city = request.args.get('city')
	region = request.args.get('region')
	country = request.args.get('country')
	date = request.args.get('date')
	txn_id = request.args.get('txnID') # order id
	reason = request.args.get('reason')
	minfraud_id = request.args.get('minfraud_id')

	return jsonify(ip=request.remote_addr, users_id=ip_address, tx_id=txn_id, reason=reason), 200