mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-06 19:19:19 +02:00
8e36f98139
The default cache directory for the file-based rate limiter was src/cache/rate_limit/, placing transient JSON files inside the source tree. This meant: - The directory was deployed via rsync on every deploy (wasted I/O) - .gitignore had to track a src/-internal path - Developers running tests could leave stale cache state in the source tree Changes: - src/RateLimit.php: default $cacheDir changed from __DIR__.'/cache/rate_limit' to dirname(__DIR__).'/storage/cache/rate_limit'; dirname(__DIR__) resolves to the project root regardless of how the file is loaded (with or without bootstrap) - .gitignore: replaced 'src/cache/rate_limit/' with 'storage/cache/' (broader, covers any future cache subdirs under storage/) - storage/cache/.gitkeep: added so the directory is tracked in VCS and created on fresh clones/deploys, but its contents are ignored - justfile: added '--exclude storage/cache/*' to the deploy rsync recipe so rate-limit state is never transferred to the server - src/cache/: removed (no longer needed) All RateLimit unit tests pass.
163 lines
4.8 KiB
PHP
163 lines
4.8 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Simple file-based rate limiter
|
|
* Prevents abuse by limiting requests per IP address
|
|
*/
|
|
class RateLimit {
|
|
private $cacheDir;
|
|
private $maxRequests;
|
|
private $timeWindow;
|
|
|
|
/**
|
|
* Constructor
|
|
* @param int $maxRequests Maximum requests allowed in time window
|
|
* @param int $timeWindow Time window in seconds
|
|
* @param string $cacheDir Directory to store rate limit data
|
|
*/
|
|
public function __construct($maxRequests = 30, $timeWindow = 60, $cacheDir = null) {
|
|
$this->maxRequests = $maxRequests;
|
|
$this->timeWindow = $timeWindow;
|
|
$this->cacheDir = $cacheDir ?? dirname(__DIR__) . '/storage/cache/rate_limit';
|
|
|
|
// Create cache directory if it doesn't exist
|
|
if (!is_dir($this->cacheDir)) {
|
|
mkdir($this->cacheDir, 0755, true);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get client identifier (IP address)
|
|
* @return string Client identifier
|
|
*/
|
|
private function getClientIdentifier(): string {
|
|
// Use REMOTE_ADDR only — HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP
|
|
// are fully attacker-controlled request headers and must never be
|
|
// trusted for rate-limiting purposes (an attacker can rotate them
|
|
// freely to bypass the limiter). Nginx-level rate limiting also
|
|
// uses $binary_remote_addr for the same reason. If this app is
|
|
// ever placed behind a trusted reverse-proxy, IP extraction should
|
|
// be handled at the nginx level, not here.
|
|
return $_SERVER['REMOTE_ADDR'] ?? 'unknown';
|
|
}
|
|
|
|
/**
|
|
* Get cache file path for a client
|
|
* @param string $identifier Client identifier
|
|
* @return string File path
|
|
*/
|
|
private function getCacheFile($identifier) {
|
|
return $this->cacheDir . '/' . md5($identifier) . '.json';
|
|
}
|
|
|
|
/**
|
|
* Check if client has exceeded rate limit
|
|
* @return bool True if allowed, false if rate limit exceeded
|
|
*/
|
|
public function check() {
|
|
$identifier = $this->getClientIdentifier();
|
|
$file = $this->getCacheFile($identifier);
|
|
|
|
// Load existing request timestamps
|
|
$data = [];
|
|
if (file_exists($file)) {
|
|
$content = file_get_contents($file);
|
|
$data = json_decode($content, true) ?? [];
|
|
}
|
|
|
|
// Clean old entries outside time window
|
|
$now = time();
|
|
$data = array_filter($data, function($timestamp) use ($now) {
|
|
return ($now - $timestamp) < $this->timeWindow;
|
|
});
|
|
|
|
// Check if limit exceeded
|
|
if (count($data) >= $this->maxRequests) {
|
|
return false;
|
|
}
|
|
|
|
// Add new request timestamp
|
|
$data[] = $now;
|
|
|
|
// Save updated data
|
|
file_put_contents($file, json_encode($data));
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Get remaining requests for current client
|
|
* @return int Number of requests remaining
|
|
*/
|
|
public function getRemaining() {
|
|
$identifier = $this->getClientIdentifier();
|
|
$file = $this->getCacheFile($identifier);
|
|
|
|
if (!file_exists($file)) {
|
|
return $this->maxRequests;
|
|
}
|
|
|
|
$content = file_get_contents($file);
|
|
$data = json_decode($content, true) ?? [];
|
|
|
|
// Clean old entries
|
|
$now = time();
|
|
$data = array_filter($data, function($timestamp) use ($now) {
|
|
return ($now - $timestamp) < $this->timeWindow;
|
|
});
|
|
|
|
return max(0, $this->maxRequests - count($data));
|
|
}
|
|
|
|
/**
|
|
* Get time until rate limit resets
|
|
* @return int Seconds until reset
|
|
*/
|
|
public function getResetTime() {
|
|
$identifier = $this->getClientIdentifier();
|
|
$file = $this->getCacheFile($identifier);
|
|
|
|
if (!file_exists($file)) {
|
|
return 0;
|
|
}
|
|
|
|
$content = file_get_contents($file);
|
|
$data = json_decode($content, true) ?? [];
|
|
|
|
if (empty($data)) {
|
|
return 0;
|
|
}
|
|
|
|
// Find oldest timestamp
|
|
$oldest = min($data);
|
|
$resetTime = $oldest + $this->timeWindow - time();
|
|
|
|
return max(0, $resetTime);
|
|
}
|
|
|
|
/**
|
|
* Clean up old cache files (run periodically)
|
|
* Removes files that haven't been modified in 24 hours
|
|
*/
|
|
public function cleanup() {
|
|
$files = glob($this->cacheDir . '/*.json');
|
|
$cutoff = time() - 86400; // 24 hours
|
|
|
|
foreach ($files as $file) {
|
|
if (filemtime($file) < $cutoff) {
|
|
unlink($file);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Send rate limit headers
|
|
* Provides information about rate limits to clients
|
|
*/
|
|
public function sendHeaders() {
|
|
header('X-RateLimit-Limit: ' . $this->maxRequests);
|
|
header('X-RateLimit-Remaining: ' . $this->getRemaining());
|
|
header('X-RateLimit-Reset: ' . (time() + $this->getResetTime()));
|
|
}
|
|
}
|