External/domain-watchdog
1
0
Fork 0
mirror of https://github.com/maelgangloff/domain-watchdog.git synced 2025-12-18 02:05:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: correct rate limiter

Browse Source
This commit is contained in:
Maël Gangloff 2024-08-05 22:26:18 +02:00
parent 686d39da62
commit 5663b1a3b4
No known key found for this signature in database
GPG Key ID: 11FDC81C24A7F629
2 changed files with 11 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/Controller/DomainRefreshController.php
View File

@ -14,6 +14,7 @@ use Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException;
use Symfony\Component\HttpKernel\KernelInterface;
use Symfony\Component\Messenger\Exception\ExceptionInterface;
use Symfony\Component\Messenger\MessageBusInterface;
use Symfony\Component\RateLimiter\Exception\RateLimitExceededException;
use Symfony\Component\RateLimiter\RateLimiterFactory;
use Symfony\Contracts\HttpClient\Exception\DecodingExceptionInterface;
use Symfony\Contracts\HttpClient\Exception\HttpExceptionInterface;
@ -64,13 +65,10 @@ class DomainRefreshController extends AbstractController
if (false === $kernel->isDebug() && true === $this->getParameter('limited_features')) {
$limiter = $this->rdapRequestsLimiter->create($userId);
$limit = $limiter->consume();
if (false === $limit->isAccepted()) {
$this->logger->warning('User {username} was rate limited by the API.', [
'username' => $this->getUser()->getUserIdentifier(),
]);
throw new TooManyRequestsHttpException($limit->getRetryAfter()->getTimestamp() - time());
try {
$limiter->consume()->ensureAccepted();
} catch (RateLimitExceededException $e) {
throw new TooManyRequestsHttpException($e->getRetryAfter()->getTimestamp() - time(), $e->getMessage());
}
}

15
src/Controller/RegistrationController.php
View File

@ -18,6 +18,7 @@ use Symfony\Component\HttpKernel\KernelInterface;
use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
use Symfony\Component\Mime\Address;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\RateLimiter\Exception\RateLimitExceededException;
use Symfony\Component\RateLimiter\RateLimiterFactory;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Serializer\SerializerInterface;
@ -54,17 +55,13 @@ class RegistrationController extends AbstractController
throw new UnauthorizedHttpException('', 'Registration is disabled on this instance');
}
$limiter = $this->userRegisterLimiter->create($request->getClientIp());
if (false === $this->kernel->isDebug()) {
$limit = $limiter->consume();
$limiter = $this->userRegisterLimiter->create($request->getClientIp());
if (false === $limit->isAccepted()) {
$this->logger->warning('IP address {ip} was rate limited by the Registration API.', [
'ip' => $request->getClientIp(),
]);
throw new TooManyRequestsHttpException($limit->getRetryAfter()->getTimestamp() - time());
try {
$limiter->consume()->ensureAccepted();
} catch (RateLimitExceededException $e) {
throw new TooManyRequestsHttpException($e->getRetryAfter()->getTimestamp() - time(), $e->getMessage());
}
}