first commit
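--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -0,0 +1,66 @@
+<?php
+
+namespace App\Providers;
+
+use App\Support\PasswordPolicy;
+use Carbon\CarbonImmutable;
+use Illuminate\Cache\RateLimiting\Limit;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Date;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\RateLimiter;
+use Illuminate\Support\ServiceProvider;
+use Illuminate\Validation\Rules\Password;
+
+class AppServiceProvider extends ServiceProvider
+{
+/**
+* Register any application services.
+*/
+public function register(): void
+{
+//
+}
+
+/**
+* Bootstrap any application services.
+*/
+public function boot(): void
+{
+$this->configureDefaults();
+$this->configureRateLimiting();
+}
+
+/**
+* Configure default behaviors for production-ready applications.
+*/
+protected function configureDefaults(): void
+{
+Date::use(CarbonImmutable::class);
+
+DB::prohibitDestructiveCommands(
+app()->isProduction(),
+);
+
+// Единая парольная политика приложения (мера ИАФ.3).
+Password::defaults(fn (): Password => PasswordPolicy::rule());
+}
+
+/**
+* Ограничение частоты обращений (меры ИАФ.6, УПД.6, защита от перебора).
+*/
+protected function configureRateLimiting(): void
+{
+RateLimiter::for('login', function (Request $request) {
+$max = (int) config('security.lockout.max_attempts');
+$decay = (int) config('security.lockout.decay_minutes');
+
+return Limit::perMinutes($decay, $max)
+->by(mb_strtolower((string) $request->input('email')).'|'.$request->ip());
+});
+
+RateLimiter::for('api', fn (Request $request) => Limit::perMinute(60)->by(
+optional($request->user())->id ?: $request->ip()
+));
+}
+}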
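Review bot: In `configureRateLimiting()`, the `login` limiter reads `security.lockout.max_attempts` and `security.lockout.decay_minutes` with no default and no lower bound, so a missing or mistyped key casts to `0` and the lockout stops behaving as the policy intends (whether zero blocks every attempt or never counts one depends on the framework's handling and should be confirmed). Clamp both values, e.g. `$max = max(1, (int) config('security.lockout.max_attempts', 5));` and `$decay = max(1, (int) config('security.lockout.decay_minutes', 15));`, where 5 and 15 are placeholder defaults to be replaced with the policy's figures. The bucket is also keyed only on `email|ip`, so guesses against one account spread over many source addresses, or against many accounts from one address, each start a fresh counter; returning an array of limits that adds a per-IP and a per-email bucket would cover both cases. `$request->ip()` is only meaningful when trusted proxies are configured correctly, which this commit page does not show.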