Skip to content

Instantly share code, notes, and snippets.

@dhtml
Forked from developerdino/ThrottleRequests.php
Created November 17, 2020 11:52
Show Gist options
  • Save dhtml/d8cd09ef8c8e6cbdd13aa0b2573f71eb to your computer and use it in GitHub Desktop.
Save dhtml/d8cd09ef8c8e6cbdd13aa0b2573f71eb to your computer and use it in GitHub Desktop.
Lumen Middleware for rate limiting - based on Laravel's implementation.
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Response;
use Illuminate\Cache\RateLimiter;
class ThrottleRequests
{
/**
* The rate limiter instance.
*
* @var \Illuminate\Cache\RateLimiter
*/
protected $limiter;
/**
* Create a new request throttler.
*
* @param \Illuminate\Cache\RateLimiter $limiter
*
* @return void
*/
public function __construct(RateLimiter $limiter)
{
$this->limiter = $limiter;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param int $maxAttempts
* @param int $decayMinutes
*
* @return mixed
*/
public function handle($request, Closure $next, $maxAttempts = 60, $decayMinutes = 1)
{
$key = $this->resolveRequestSignature($request);
if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decayMinutes)) {
return $this->buildResponse($key, $maxAttempts);
}
$this->limiter->hit($key, $decayMinutes);
$response = $next($request);
return $this->addHeaders(
$response,
$maxAttempts,
$this->calculateRemainingAttempts($key, $maxAttempts)
);
}
/**
* Resolve request signature.
*
* @param \Illuminate\Http\Request $request
*
* @return string
*/
protected function resolveRequestSignature($request)
{
return sha1(
$request->method() .
'|' . $request->getHost() .
'|' . $request->ip()
);
}
/**
* Create a 'too many attempts' response.
*
* @param string $key
* @param int $maxAttempts
*
* @return \Illuminate\Http\Response
*/
protected function buildResponse($key, $maxAttempts)
{
$response = new Response('Too Many Attempts.', 429);
return $this->addHeaders(
$response,
$maxAttempts,
$this->calculateRemainingAttempts($key, $maxAttempts),
$this->limiter->availableIn($key)
);
}
/**
* Add the limit header information to the given response.
*
* @param \Illuminate\Http\Response $response
* @param int $maxAttempts
* @param int $remainingAttempts
* @param int|null $retryAfter
*
* @return \Illuminate\Http\Response
*/
protected function addHeaders(Response $response, $maxAttempts, $remainingAttempts, $retryAfter = null)
{
$headers = [
'X-RateLimit-Limit' => $maxAttempts,
'X-RateLimit-Remaining' => $remainingAttempts,
];
if (!is_null($retryAfter)) {
$headers['Retry-After'] = $retryAfter;
}
$response->headers->add($headers);
return $response;
}
/**
* Calculate the number of remaining attempts.
*
* @param string $key
* @param int $maxAttempts
*
* @return int
*/
protected function calculateRemainingAttempts($key, $maxAttempts)
{
return $maxAttempts - $this->limiter->attempts($key) + 1;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment