-
-
Save aamsur-mkt/f27a8660404e8e3dc3daf32da95fe811 to your computer and use it in GitHub Desktop.
Lumen Middleware for rate limiting - based on Laravel's implementation.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace App\Http\Middleware; | |
| use Closure; | |
| use Illuminate\Http\Response; | |
| use Illuminate\Cache\RateLimiter; | |
| class ThrottleRequests | |
| { | |
| /** | |
| * The rate limiter instance. | |
| * | |
| * @var \Illuminate\Cache\RateLimiter | |
| */ | |
| protected $limiter; | |
| /** | |
| * Create a new request throttler. | |
| * | |
| * @param \Illuminate\Cache\RateLimiter $limiter | |
| * | |
| * @return void | |
| */ | |
| public function __construct(RateLimiter $limiter) | |
| { | |
| $this->limiter = $limiter; | |
| } | |
| /** | |
| * Handle an incoming request. | |
| * | |
| * @param \Illuminate\Http\Request $request | |
| * @param \Closure $next | |
| * @param int $maxAttempts | |
| * @param int $decayMinutes | |
| * | |
| * @return mixed | |
| */ | |
| public function handle($request, Closure $next, $maxAttempts = 1, $decaySeconds = 1) | |
| { | |
| $key = $this->resolveRequestSignature($request); | |
| if ($request->method() != "GET" && $request->method() != "OPTIONS") { | |
| if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decaySeconds / 60)) { | |
| return $this->buildResponse($key, $maxAttempts); | |
| } | |
| $this->limiter->hit($key, $decaySeconds); | |
| } | |
| $response = $next($request); | |
| return $this->addHeaders( | |
| $response, | |
| $maxAttempts, | |
| $this->calculateRemainingAttempts($key, $maxAttempts) | |
| ); | |
| } | |
| /** | |
| * Resolve request signature. | |
| * | |
| * @param \Illuminate\Http\Request $request | |
| * | |
| * @return string | |
| */ | |
| protected function resolveRequestSignature($request) | |
| { | |
| return sha1( | |
| $request->method() . | |
| '|' . $request->url() . | |
| '|' . $request->ip() | |
| ); | |
| } | |
| /** | |
| * Create a 'too many attempts' response. | |
| * | |
| * @param string $key | |
| * @param int $maxAttempts | |
| * | |
| * @return Response | |
| */ | |
| protected function buildResponse($key, $maxAttempts) | |
| { | |
| $response = new Response('Too Many Attempts.', 429); | |
| return $this->addHeaders( | |
| $response, | |
| $maxAttempts, | |
| $this->calculateRemainingAttempts($key, $maxAttempts), | |
| $this->limiter->availableIn($key) | |
| ); | |
| } | |
| /** | |
| * Add the limit header information to the given response. | |
| * | |
| * @param \Symfony\Component\HttpFoundation\Response $response | |
| * @param int $maxAttempts | |
| * @param int $remainingAttempts | |
| * @param int|null $retryAfter | |
| * | |
| * @return \Symfony\Component\HttpFoundation\Response | |
| */ | |
| protected function addHeaders( | |
| \Symfony\Component\HttpFoundation\Response $response, | |
| $maxAttempts, | |
| $remainingAttempts, | |
| $retryAfter = null | |
| ) { | |
| $headers = [ | |
| 'X-RateLimit-Limit' => $maxAttempts, | |
| 'X-RateLimit-Remaining' => $remainingAttempts, | |
| ]; | |
| if (!is_null($retryAfter)) { | |
| $headers['Retry-After'] = $retryAfter; | |
| } | |
| $response->headers->add($headers); | |
| return $response; | |
| } | |
| /** | |
| * Calculate the number of remaining attempts. | |
| * | |
| * @param string $key | |
| * @param int $maxAttempts | |
| * | |
| * @return int | |
| */ | |
| protected function calculateRemainingAttempts($key, $maxAttempts) | |
| { | |
| return $maxAttempts - $this->limiter->attempts($key) + 1; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment