|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/* |
|
4
|
|
|
* This file is part of the godruoyi/laravel-tencent007-captcha. |
|
5
|
|
|
* |
|
6
|
|
|
* (c) Godruoyi <[email protected]> |
|
7
|
|
|
* |
|
8
|
|
|
* This source file is subject to the MIT license that is bundled. |
|
9
|
|
|
*/ |
|
10
|
|
|
|
|
11
|
|
|
namespace Godruoyi\Tencent007\Middlewares; |
|
12
|
|
|
|
|
13
|
|
|
use Closure; |
|
14
|
|
|
use Godruoyi\Tencent007\Client; |
|
15
|
|
|
use Godruoyi\Tencent007\Exceptions\NeedCaptchaAuthException; |
|
16
|
|
|
use Godruoyi\Tencent007\Exceptions\RequestNotPassedException; |
|
17
|
|
|
use Godruoyi\Tencent007\Response as Tencent007Response; |
|
18
|
|
|
use Illuminate\Contracts\Cache\Repository as Cache; |
|
19
|
|
|
use Illuminate\Routing\Middleware\ThrottleRequests as BaseThrottleRequests; |
|
20
|
|
|
|
|
21
|
|
|
class ThrottleRequests extends BaseThrottleRequests |
|
22
|
|
|
{ |
|
23
|
|
|
/** |
|
24
|
|
|
* Handle an incoming request. |
|
25
|
|
|
* |
|
26
|
|
|
* @param \Illuminate\Http\Request $request |
|
27
|
|
|
* @param \Closure $next |
|
28
|
|
|
* @param int|string $maxAttempts |
|
29
|
|
|
* @param float|int $decayMinutes |
|
30
|
|
|
* |
|
31
|
|
|
* @return mixed |
|
32
|
|
|
* |
|
33
|
|
|
* @throws \Symfony\Component\HttpKernel\Exception\HttpException |
|
34
|
|
|
*/ |
|
35
|
|
|
public function handle($request, Closure $next, $maxAttempts = 60, $decayMinutes = 1) |
|
36
|
|
|
{ |
|
37
|
|
|
$key = $this->resolveRequestSignature($request); |
|
38
|
|
|
|
|
39
|
|
|
if ($this->existsInCacheForRequest($key, $request)) { |
|
40
|
|
|
return $next($request); |
|
41
|
|
|
} |
|
42
|
|
|
|
|
43
|
|
|
$maxAttempts = $this->resolveMaxAttempts($request, $maxAttempts); |
|
44
|
|
|
|
|
45
|
|
|
if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decayMinutes) |
|
|
|
|
|
|
46
|
|
|
&& ($response = $this->processTooManyAttempts($request, $key))) { |
|
47
|
|
|
return $response; |
|
48
|
|
|
} |
|
49
|
|
|
|
|
50
|
|
|
$this->hit($key, $decayMinutes); |
|
51
|
|
|
|
|
52
|
|
|
$response = $next($request); |
|
53
|
|
|
|
|
54
|
|
|
return $this->addHeaders( |
|
55
|
|
|
$response, |
|
56
|
|
|
$maxAttempts, |
|
57
|
|
|
$this->calculateRemainingAttempts($key, $maxAttempts) |
|
58
|
|
|
); |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
/** |
|
62
|
|
|
* Process too many request. |
|
63
|
|
|
* |
|
64
|
|
|
* @param \Illuminate\Http\Request $request |
|
65
|
|
|
* @param string $key |
|
66
|
|
|
* |
|
67
|
|
|
* @return \Illuminate\Http\Response|mixed|null |
|
68
|
|
|
*/ |
|
69
|
|
|
protected function processTooManyAttempts($request, $key) |
|
70
|
|
|
{ |
|
71
|
|
|
$ticket = $request->get(config('007.request_key_map.ticket', 'ticket')); |
|
72
|
|
|
$randstr = $request->get(config('007.request_key_map.randstr', 'randstr')); |
|
73
|
|
|
|
|
74
|
|
|
if (empty($ticket) || empty($randstr)) { |
|
75
|
|
|
return $this->buildNeedAuthException(); |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
$checkResponse = Client::check($ticket, $randstr, $request->ip()); |
|
79
|
|
|
|
|
80
|
|
|
if ($checkResponse->level() >= config('007.level', 70)) { |
|
81
|
|
|
return $this->buildNotPassedResponse($checkResponse); |
|
82
|
|
|
} |
|
83
|
|
|
|
|
84
|
|
|
config('007.cache') > 0 && $this->joinKeyToCache($key, config('007.cache')); |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
/** |
|
88
|
|
|
* Exists in cache for current request. |
|
89
|
|
|
* |
|
90
|
|
|
* @param string $key |
|
91
|
|
|
* @param \Illuminate\Http\Request $request |
|
92
|
|
|
* |
|
93
|
|
|
* @return bool |
|
94
|
|
|
*/ |
|
95
|
|
|
protected function existsInCacheForRequest($key, $request) |
|
|
|
|
|
|
96
|
|
|
{ |
|
97
|
|
|
return config('007.cache') > 0 && app(Cache::class)->has($key.':passed'); |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
/** |
|
101
|
|
|
* Rewrite hit for subclass cover. |
|
102
|
|
|
* |
|
103
|
|
|
* @param string $key |
|
104
|
|
|
* @param int $decayMinutes |
|
105
|
|
|
*/ |
|
106
|
|
|
protected function hit($key, $decayMinutes) |
|
107
|
|
|
{ |
|
108
|
|
|
return $this->limiter->hit($key, $decayMinutes); |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* Build a Invalid Argument Exception. |
|
113
|
|
|
* |
|
114
|
|
|
* @return mixed |
|
115
|
|
|
*/ |
|
116
|
|
|
protected function buildNeedAuthException() |
|
117
|
|
|
{ |
|
118
|
|
|
throw new NeedCaptchaAuthException(); |
|
119
|
|
|
} |
|
120
|
|
|
|
|
121
|
|
|
/** |
|
122
|
|
|
* Build response from not passed. |
|
123
|
|
|
* |
|
124
|
|
|
* @param Tencent007Response $response |
|
125
|
|
|
* |
|
126
|
|
|
* @return mixed |
|
127
|
|
|
*/ |
|
128
|
|
|
protected function buildNotPassedResponse(Tencent007Response $response) |
|
129
|
|
|
{ |
|
130
|
|
|
throw new RequestNotPassedException($response); |
|
131
|
|
|
} |
|
132
|
|
|
|
|
133
|
|
|
/** |
|
134
|
|
|
* @param string $key |
|
135
|
|
|
* @param int $hour |
|
136
|
|
|
*/ |
|
137
|
|
|
protected function joinKeyToCache($key, $hour) |
|
138
|
|
|
{ |
|
139
|
|
|
$added = app(Cache::class)->add($key.':passed', 1, $decayMinutes = ($hour * 60)); |
|
140
|
|
|
|
|
141
|
|
|
if (!$added) { |
|
142
|
|
|
app(Cache::class)->put($key.':passed', 1, $decayMinutes); |
|
143
|
|
|
} |
|
144
|
|
|
} |
|
145
|
|
|
} |
|
146
|
|
|
|
godruoyi /
laravel-tencent007-captcha
Godruoyi
Loading history...
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.
If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.
In this case you can add the
@ignorePhpDoc annotation to the duplicate definition and it will be ignored.