rate limit things

Andras Bacsai 2023-08-15 14:27:45 +02:00
parent 88b3005589
commit f8d7c5209e
11 changed files with 90 additions and 9 deletions


@ -3,10 +3,12 @@
namespace App\Http\Livewire;
use Illuminate\Support\Facades\Hash;
use DanHarrin\LivewireRateLimiting\WithRateLimiting;
use Livewire\Component;
class ForcePasswordReset extends Component
{
use WithRateLimiting;
public string $email;
public string $password;
public string $password_confirmation;
@ -21,6 +23,7 @@ public function mount() {
}
public function submit() {
try {
$this->rateLimit(10);
$this->validate();
auth()->user()->forceFill([
'password' => Hash::make($this->password),
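Review bot: `$this->rateLimit(10);` in `submit()` leaves both the window and the bucket key implicit. As far as I know the trait defaults to a 60-second decay and keys the bucket on component, method and `request()->ip()`, so for this authenticated action every user behind one NAT or proxy address would share the ten attempts, and without correctly configured trusted proxies all clients could fall into a single bucket. Consider spelling the window out, `$this->rateLimit(10, 60);`, with a comment such as `// keyed per client IP, not per user; depends on trusted-proxy configuration`. The `catch` that handles the resulting exception lies outside the hunk.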


@ -3,6 +3,7 @@
namespace App\Http\Livewire;
use App\Jobs\SendConfirmationForWaitlistJob;
use App\Models\User;
use App\Models\Waitlist as ModelsWaitlist;
use Livewire\Component;
@ -24,6 +25,11 @@ public function submit()
{
$this->validate();
try {
$already_registered = User::whereEmail($this->email)->first();
if ($already_registered) {
$this->emit('success', 'You are already registered (Thank you 💜).');
return;
}
$found = ModelsWaitlist::where('email', $this->email)->first();
ray($found);
if ($found) {
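Review bot: The new `User::whereEmail(...)` branch in `submit()` answers "You are already registered" on what appears to be a public waitlist form, which tells any visitor whether an address has an account. Despite the commit's theme, no `rateLimit()` call is added to this action in the lines shown, so the lookup can be repeated without bound. A reply that is identical for registered, waitlisted and new addresses avoids the disclosure, e.g. `$this->emit('success', 'Thanks! Check your inbox for next steps.');` (wording constructed), and the component could throttle submits the way ForcePasswordReset now does. The `ray($found);` call below looks like a debugging leftover; `submit()` continues past the hunk.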


@ -98,6 +98,14 @@ public function boot(): void
return view('auth.two-factor-challenge');
});
RateLimiter::for('force-password-reset', function (Request $request) {
return Limit::perMinute(15)->by($request->user()->id);
});
RateLimiter::for('forgot-password', function (Request $request) {
return Limit::perMinute(5)->by($request->ip());
});
RateLimiter::for('login', function (Request $request) {
$email = (string)$request->email;
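Review bot: The `force-password-reset` limiter dereferences `$request->user()->id` without a guard, so attaching `throttle:force-password-reset` to any route outside the `auth` middleware would fail on a null user instead of throttling. Laravel's usual form falls back to the address: `return Limit::perMinute(15)->by($request->user()?->id ?: $request->ip());`. The `forgot-password` limiter keys on IP alone, so reset requests for one mailbox arriving from several addresses are not bounded; keying on the submitted email together with the IP would cover that case. `boot()` starts and ends outside the hunk.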


@ -8,6 +8,7 @@
use Nubs\RandomNameGenerator\All;
use Poliander\Cron\CronExpression;
use Visus\Cuid2\Cuid2;
use DanHarrin\LivewireRateLimiting\Exceptions\TooManyRequestsException;
function application_configuration_dir(): string
{
@ -46,7 +47,9 @@ function general_error_handler(Throwable|null $err = null, $that = null, $isJson
} else {
throw new Exception($customErrorMessage ?? $err->errorInfo[2]);
}
} else {
} elseif($err instanceof TooManyRequestsException){
throw new Exception($customErrorMessage ?? "Too many requests. Please try again in {$err->secondsUntilAvailable} seconds.");
}else {
throw new Exception($customErrorMessage ?? $err->getMessage());
}
} catch (Throwable $error) {
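Review bot: The added branch is formatted differently from the branches around it: `} elseif($err instanceof TooManyRequestsException){` and `}else {` drop the spaces the rest of the function uses. Write them as `} elseif ($err instanceof TooManyRequestsException) {` and `} else {`. Note also that `$customErrorMessage ??` takes precedence over the retry hint, so a caller that passes a custom message hides `secondsUntilAvailable` from the user; if that is intended, a one-line comment saying so would help. `general_error_handler` begins and ends outside the hunk.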


@ -9,6 +9,7 @@
"license": "MIT",
"require": {
"php": "^8.2",
"danharrin/livewire-rate-limiting": "^1.1",
"doctrine/dbal": "^3.6",
"guzzlehttp/guzzle": "^7.5.0",
"laravel/fortify": "^v1.16.0",

55
composer.lock generated

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "ba59e457afa0cfb65b82118f7287147b",
"content-hash": "0c023bed552776ee5e4eeda1ff0a5e19",
"packages": [
{
"name": "aws/aws-crt-php",
@ -330,6 +330,59 @@
],
"time": "2022-02-21T13:15:14+00:00"
},
{
"name": "danharrin/livewire-rate-limiting",
"version": "v1.1.0",
"source": {
"type": "git",
"url": "https://github.com/danharrin/livewire-rate-limiting.git",
"reference": "a55996683cabf2e93893280d602191243b3b80b8"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/danharrin/livewire-rate-limiting/zipball/a55996683cabf2e93893280d602191243b3b80b8",
"reference": "a55996683cabf2e93893280d602191243b3b80b8",
"shasum": ""
},
"require": {
"illuminate/support": "^9.0|^10.0",
"php": "^8.0"
},
"require-dev": {
"livewire/livewire": "^2.3",
"orchestra/testbench": "^7.0|^8.0",
"phpunit/phpunit": "^9.0|^10.0"
},
"type": "library",
"autoload": {
"psr-4": {
"DanHarrin\\LivewireRateLimiting\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Dan Harrin",
"email": "dan@danharrin.com"
}
],
"description": "Apply rate limiters to Laravel Livewire actions.",
"homepage": "https://github.com/danharrin/livewire-rate-limiting",
"support": {
"issues": "https://github.com/danharrin/livewire-rate-limiting/issues",
"source": "https://github.com/danharrin/livewire-rate-limiting"
},
"funding": [
{
"url": "https://github.com/danharrin",
"type": "github"
}
],
"time": "2023-03-12T12:17:29+00:00"
},
{
"name": "dasprid/enum",
"version": "1.0.4",


@ -105,6 +105,7 @@
'limiters' => [
'login' => 'login',
'two-factor' => 'two-factor',
'forgot-password' => 'forgot-password',
],
/*
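Review bot: The new `'forgot-password' => 'forgot-password'` entry may have no effect on its own. As far as I know Fortify's bundled routes read only the `login`, `two-factor` and `verification` limiter keys, and its POST `/forgot-password` route carries no throttle middleware, so the limiter registered under this name would never be consulted. Please confirm that the route actually resolves `throttle:forgot-password`, or register the route explicitly with that middleware. A feature test that posts six times within a minute and expects HTTP 429 on the last request would pin the behaviour.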


@ -3,7 +3,6 @@
<div class="w-96 min-w-fit">
<div class="flex flex-col items-center pb-8">
<div class="text-5xl font-extrabold tracking-tight text-center text-white">Coolify</div>
<x-version />
</div>
<div class="flex items-center gap-2">
<h1>{{ __('auth.login') }}</h1>


@ -9,9 +9,9 @@
<h2>Set your initial password</h2>
</div>
<form class="flex flex-col gap-2" wire:submit.prevent='submit'>
<x-forms.input id="email" type="email" placeholder="Email" readonly />
<x-forms.input id="password" type="password" placeholder="New Password" />
<x-forms.input id="password_confirmation" type="password" placeholder="Confirm New Password" />
<x-forms.input id="email" type="email" placeholder="Email" readonly label="Email" />
<x-forms.input id="password" type="password" placeholder="New Password" label="New Password" required />
<x-forms.input id="password_confirmation" type="password" placeholder="Confirm New Password" label="Confirm New Password" required />
<x-forms.button type="submit">Reset Password</x-forms.button>
</form>
</div>


@ -1,7 +1,12 @@
<div class="min-h-screen hero">
<div class="w-96 min-w-fit">
<div class="flex flex-col items-center pb-8">
<a href="{{ route('dashboard') }}">
<div class="text-5xl font-bold tracking-tight text-center text-white">Coolify</div>
</a>
</div>
<div class="flex items-center justify-center pb-4 text-center">
<h2>Start self-hosting in the
<h2>Self-hosting in the cloud
<svg class="inline-block w-8 h-8 text-warning width="512" height="512" viewBox="0 0 20 20"
xmlns="http://www.w3.org/2000/svg">
<g fill="currentColor" fill-rule="evenodd" clip-rule="evenodd">
@ -18,6 +23,6 @@
<x-forms.input id="email" type="email" label="Email" placeholder="youareawesome@protonmail.com" />
<x-forms.button type="submit">Join Waitlist</x-forms.button>
</form>
Waiting: {{$waiting_in_line}}
Waiting in the line: {{$waiting_in_line}}
</div>
</div>
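Review bot: The `<svg>` line kept as context in this section has an unterminated attribute, `class="inline-block w-8 h-8 text-warning width="512"`, so the class value swallows `width=` and the intended width attribute is lost. Since the heading next to it is being edited anyway, close the quote: `<svg class="inline-block w-8 h-8 text-warning" width="512" height="512" viewBox="0 0 20 20"`. The `<svg>` element continues outside the hunk.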


@ -93,7 +93,9 @@
Route::middleware(['auth'])->group(function () {
Route::get('/', [Controller::class, 'dashboard'])->name('dashboard');
Route::get('/force-password-reset', [Controller::class, 'force_passoword_reset'])->name('auth.force-password-reset');
Route::middleware(['throttle:force-password-reset'])->group(function() {
Route::get('/force-password-reset', [Controller::class, 'force_passoword_reset'])->name('auth.force-password-reset');
});
Route::get('/subscription', [Controller::class, 'subscription'])->name('subscription');
Route::get('/settings', [Controller::class, 'settings'])->name('settings.configuration');
Route::get('/settings/license', [Controller::class, 'license'])->name('settings.license');
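Review bot: `throttle:force-password-reset` wraps only the GET route that renders the form; as far as I can tell the password change itself is the Livewire `submit` action, which does not pass through this route group. A comment on the group would keep a reader from assuming the reset is throttled here, e.g. `// throttles page loads only; the submit action is limited in ForcePasswordReset::submit()`. The page limit of 15 per minute per user and the action limit of 10 also differ in count and key, which is worth stating or aligning. The handler name `force_passoword_reset` is misspelled, though renaming it needs the controller, which is not in view.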