Home Esplora Aiuto
Accedi
Medowar
/
feuerwehr-freising-antragsformular
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 5e5a308fa5
Rami (Branch) Tag
feuerwehr-freis...
/
src
/
security
/
ratelimiter.php

ratelimiter.php 1.9 KB
Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. namespace App\Security;
    6. 

  6. 

  7. use App\App\Bootstrap;
    8. 

  8. 

  9. final class RateLimiter
    10. 

  10. {
    11. 

  11.     private string $storageDir;
    12. 

  12.     private bool $enabled;
    13. 

  13. 

  14.     public function __construct()
    15. 

  15.     {
    16. 

  16.         $app = Bootstrap::config('app');
    17. 

  17.         $this->enabled = (bool) ($app['rate_limit']['enabled'] ?? true);
    18. 

  18.         $this->storageDir = (string) ($app['storage']['rate_limit'] ?? Bootstrap::rootPath() . '/storage/rate_limit');
    19. 

  19. 

  20.         if ($this->enabled && !is_dir($this->storageDir)) {
    21. 

  21.             mkdir($this->storageDir, 0775, true);
    22. 

  22.         }
    23. 

  23.     }
    24. 

  24. 

  25.     public function allow(string $key, int $limit, int $windowSeconds): bool
    26. 

  26.     {
    27. 

  27.         if (!$this->enabled) {
    28. 

  28.             return true;
    29. 

  29.         }
    30. 

  30. 

  31.         $hash = hash('sha256', $key);
    32. 

  32.         $path = $this->storageDir . '/' . $hash . '.json';
    33. 

  33.         $now = time();
    34. 

  34. 

  35.         $handle = fopen($path, 'c+');
    36. 

  36.         if ($handle === false) {
    37. 

  37.             return true;
    38. 

  38.         }
    39. 

  39. 

  40.         try {
    41. 

  41.             if (!flock($handle, LOCK_EX)) {
    42. 

  42.                 return true;
    43. 

  43.             }
    44. 

  44. 

  45.             $contents = stream_get_contents($handle);
    46. 

  46.             $timestamps = [];
    47. 

  47.             if (is_string($contents) && $contents !== '') {
    48. 

  48.                 $decoded = json_decode($contents, true);
    49. 

  49.                 if (is_array($decoded)) {
    50. 

  50.                     $timestamps = array_values(array_filter($decoded, static fn ($ts): bool => is_int($ts)));
    51. 

  51.                 }
    52. 

  52.             }
    53. 

  53. 

  54.             $threshold = $now - $windowSeconds;
    55. 

  55.             $timestamps = array_values(array_filter($timestamps, static fn (int $ts): bool => $ts >= $threshold));
    56. 

  56. 

  57.             if (count($timestamps) >= $limit) {
    58. 

  58.                 return false;
    59. 

  59.             }
    60. 

  60. 

  61.             $timestamps[] = $now;
    62. 

  62. 

  63.             ftruncate($handle, 0);
    64. 

  64.             rewind($handle);
    65. 

  65.             fwrite($handle, json_encode($timestamps));
    66. 

  66. 

  67.             return true;
    68. 

  68.         } finally {
    69. 

  69.             flock($handle, LOCK_UN);
    70. 

  70.             fclose($handle);
    71. 

  71.         }
    72. 

  72.     }
    73. 

  73. }
    74.