Created
April 8, 2020 08:40
-
-
Save arispati/0223e39affdfda5f1568761173c62991 to your computer and use it in GitHub Desktop.
Throttle Middleware for Lumen
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
namespace App\Http\Middleware; | |
use Closure; | |
use Illuminate\Cache\RateLimiter; | |
use Symfony\Component\HttpFoundation\Response; | |
class ThrottleRequests | |
{ | |
/** | |
* The rate limiter instance. | |
* | |
* @var \Illuminate\Cache\RateLimiter | |
*/ | |
protected $limiter; | |
/** | |
* Create a new request throttler. | |
* | |
* @param \Illuminate\Cache\RateLimiter $limiter | |
* | |
* @return void | |
*/ | |
public function __construct(RateLimiter $limiter) | |
{ | |
$this->limiter = $limiter; | |
} | |
/** | |
* Handle an incoming request. | |
* | |
* @param \Illuminate\Http\Request $request | |
* @param \Closure $next | |
* @param int $maxAttempts | |
* @param int $decayMinutes | |
* | |
* @return mixed | |
*/ | |
public function handle($request, Closure $next, $maxAttempts = 60, $decayMinutes = 1) | |
{ | |
$key = $this->resolveRequestSignature($request); | |
if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decayMinutes)) { | |
return $this->buildResponse($key, $maxAttempts); | |
} | |
$this->limiter->hit($key, $decayMinutes * 60); | |
$response = $next($request); | |
return $this->addHeaders( | |
$response, | |
$maxAttempts, | |
$this->limiter->retriesLeft($key, $maxAttempts) | |
); | |
} | |
/** | |
* Resolve request signature. | |
* | |
* @param \Illuminate\Http\Request $request | |
* | |
* @return string | |
*/ | |
protected function resolveRequestSignature($request) | |
{ | |
return sha1( | |
$request->method() . | |
'|' . $request->getHost() . | |
'|' . $request->ip() | |
); | |
} | |
/** | |
* Create a 'too many attempts' response. | |
* | |
* @param string $key | |
* @param int $maxAttempts | |
* | |
* @return \Illuminate\Http\Response | |
*/ | |
protected function buildResponse($key, $maxAttempts) | |
{ | |
$response = new Response('Too Many Attempts.', 429); | |
return $this->addHeaders( | |
$response, | |
$maxAttempts, | |
$this->limiter->retriesLeft($key, $maxAttempts), | |
$this->limiter->availableIn($key) | |
); | |
} | |
/** | |
* Add the limit header information to the given response. | |
* | |
* @param \Illuminate\Http\Response $response | |
* @param int $maxAttempts | |
* @param int $remainingAttempts | |
* @param int|null $retryAfter | |
* | |
* @return \Illuminate\Http\Response | |
*/ | |
protected function addHeaders(Response $response, $maxAttempts, $remainingAttempts, $retryAfter = null) | |
{ | |
$headers = [ | |
'X-RateLimit-Limit' => $maxAttempts, | |
'X-RateLimit-Remaining' => $remainingAttempts, | |
]; | |
if (!is_null($retryAfter)) { | |
$headers['Retry-After'] = $retryAfter; | |
} | |
$response->headers->add($headers); | |
return $response; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment