<?php
namespace App\Providers;
use App\Support\PasswordPolicy;
use Carbon\CarbonImmutable;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Date;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\ServiceProvider;
use Illuminate\Validation\Rules\Password;
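class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * Intentionally empty: all wiring for this provider happens in boot().
     */
    public function register(): void
    {
        //
    }

    /**
     * Bootstrap any application services.
     */
    public function boot(): void
    {
        $this->configureDefaults();
        $this->configureRateLimiting();
    }

    /**
     * Configure default behaviors for production-ready applications.
     */
    protected function configureDefaults(): void
    {
        // Immutable dates by default: a shared Carbon instance can no longer be
        // mutated by one caller and silently observed by another.
        Date::use(CarbonImmutable::class);

        // Destructive DB commands are refused only when the app reports
        // itself as production; non-production environments are unaffected.
        DB::prohibitDestructiveCommands(
            app()->isProduction(),
        );

        // Single application-wide password policy (measure ИАФ.3).
        Password::defaults(fn (): Password => PasswordPolicy::rule());
    }

    /**
     * Request rate limiting (measures ИАФ.6, УПД.6; brute-force protection).
     *
     * The 'login' limiter is keyed by normalised e-mail plus client IP, the
     * 'api' limiter by authenticated user id, falling back to client IP.
     */
    protected function configureRateLimiting(): void
    {
        RateLimiter::for('login', function (Request $request): Limit {
            // Both values come from config/security.php; they are cast, not
            // validated. NOTE(review): a missing or non-numeric value becomes 0
            // here — confirm that the resulting limit is the intended
            // fail-closed behaviour rather than an accidental lockout.
            $max = (int) config('security.lockout.max_attempts');
            $decay = (int) config('security.lockout.decay_minutes');

            return Limit::perMinutes($decay, $max)
                ->by(self::loginThrottleKey($request));
        });

        // `??` rather than `?:` so only a genuinely absent user falls back to
        // the IP; a falsy-but-present id is still a distinct bucket.
        RateLimiter::for('api', fn (Request $request): Limit => Limit::perMinute(60)->by(
            $request->user()?->id ?? $request->ip()
        ));
    }

    /**
     * Build the throttle key for a login attempt.
     *
     * The key combines the lower-cased e-mail with the client IP, so one
     * address cannot spread attempts across spellings of the same account,
     * and an attack on one account does not lock out every other client.
     *
     * The `email` field is untrusted request input. Anything that is not a
     * string (e.g. `email[]=x`) is treated as an empty e-mail instead of being
     * string-cast, which would emit an "Array to string conversion" warning
     * and let the request fail before the limiter counted it.
     */
    private static function loginThrottleKey(Request $request): string
    {
        $email = $request->input('email');
        $normalised = is_string($email) ? mb_strtolower($email) : '';

        return $normalised.'|'.$request->ip();
    }
}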