-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathRateLimitSubscriber.php
More file actions
102 lines (85 loc) · 3.01 KB
/
RateLimitSubscriber.php
File metadata and controls
102 lines (85 loc) · 3.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
declare(strict_types=1);
/**
* This source file is available under the terms of the
* Pimcore Open Core License (POCL)
* Full copyright and license information is available in
* LICENSE.md which is distributed with this source code.
*
* @copyright Copyright (c) Pimcore GmbH (https://www.pimcore.com)
* @license Pimcore Open Core License (POCL)
*/
namespace Pimcore\Bundle\StudioBackendBundle\EventSubscriber;
use Pimcore\Bundle\StudioBackendBundle\Exception\Api\RateLimitException;
use Pimcore\Bundle\StudioBackendBundle\Util\Trait\StudioBackendPathTrait;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\RateLimiter\RateLimit;
use Symfony\Component\RateLimiter\RateLimiterFactory;
/**
* @internal
*/
final class RateLimitSubscriber implements EventSubscriberInterface
{
use StudioBackendPathTrait;
private const string RATE_LIMIT_ATTRIBUTE = '_studio_rate_limit';
public function __construct(
private readonly string $urlPrefix,
private readonly RateLimiterFactory $studioApiGeneralLimiter,
private readonly bool $enabled = true,
) {
}
public static function getSubscribedEvents(): array
{
return [
KernelEvents::REQUEST => ['onKernelRequest', 200],
KernelEvents::RESPONSE => ['onKernelResponse', -10],
];
}
/**
* @throws RateLimitException
*/
public function onKernelRequest(RequestEvent $event): void
{
if (!$this->enabled || !$event->isMainRequest()) {
return;
}
$request = $event->getRequest();
if (
$request->getMethod() === 'OPTIONS' ||
!$this->isStudioBackendPath($request->getPathInfo(), $this->urlPrefix)
) {
return;
}
$key = $request->getClientIp() ?? 'unknown';
$limiter = $this->studioApiGeneralLimiter->create($key);
$rateLimit = $limiter->consume();
$request->attributes->set(self::RATE_LIMIT_ATTRIBUTE, $rateLimit);
if (!$rateLimit->isAccepted()) {
throw new RateLimitException();
}
}
public function onKernelResponse(ResponseEvent $event): void
{
if (!$this->enabled || !$event->isMainRequest()) {
return;
}
$request = $event->getRequest();
$rateLimit = $request->attributes->get(self::RATE_LIMIT_ATTRIBUTE);
if (!$rateLimit instanceof RateLimit) {
return;
}
$response = $event->getResponse();
$response->headers->set('X-RateLimit-Limit', (string) $rateLimit->getLimit());
$response->headers->set(
'X-RateLimit-Remaining',
(string) $rateLimit->getRemainingTokens()
);
$response->headers->set(
'X-RateLimit-Reset',
(string) $rateLimit->getRetryAfter()->getTimestamp()
);
}
}