2025-12-25 06:33:21 +01:00
|
|
|
<?php
|
|
|
|
|
|
2026-01-20 20:58:32 +01:00
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
2025-12-25 06:33:21 +01:00
|
|
|
namespace App\Providers;
|
|
|
|
|
|
|
|
|
|
use Illuminate\Cache\RateLimiting\Limit;
|
|
|
|
|
use Illuminate\Http\Request;
|
|
|
|
|
use Illuminate\Support\Facades\RateLimiter;
|
|
|
|
|
use Illuminate\Support\ServiceProvider;
|
|
|
|
|
|
2026-01-20 20:58:32 +01:00
|
|
|
final class AppServiceProvider extends ServiceProvider
|
2025-12-25 06:33:21 +01:00
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* Register any application services.
|
|
|
|
|
*/
|
|
|
|
|
public function register(): void
|
|
|
|
|
{
|
|
|
|
|
//
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Bootstrap any application services.
|
|
|
|
|
*/
|
|
|
|
|
public function boot(): void
|
|
|
|
|
{
|
|
|
|
|
$this->configureRateLimiting();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Configure the rate limiters for the application.
|
|
|
|
|
*/
|
2026-01-20 20:58:32 +01:00
|
|
|
private function configureRateLimiting(): void
|
2025-12-25 06:33:21 +01:00
|
|
|
{
|
|
|
|
|
// Default API rate limiter - 60 requests per minute
|
2026-01-20 20:58:32 +01:00
|
|
|
RateLimiter::for('api', fn (Request $request) => Limit::perMinute(60)->by($request->user()?->id ?: $request->ip()));
|
2025-12-25 06:33:21 +01:00
|
|
|
|
|
|
|
|
// Auth endpoints - more restrictive (prevent brute force)
|
2026-01-20 20:58:32 +01:00
|
|
|
RateLimiter::for('auth', fn (Request $request) => Limit::perMinute(5)->by($request->ip()));
|
2025-12-25 06:33:21 +01:00
|
|
|
|
|
|
|
|
// Authenticated user requests - higher limit
|
2026-01-20 20:58:32 +01:00
|
|
|
RateLimiter::for('authenticated', fn (Request $request) => $request->user()
|
|
|
|
|
? Limit::perMinute(120)->by($request->user()->id)
|
|
|
|
|
: Limit::perMinute(60)->by($request->ip()));
|
2025-12-25 06:33:21 +01:00
|
|
|
}
|
|
|
|
|
}
|