laravel-gost-template/app/Providers/AppServiceProvider.php
2026-06-24 17:20:43 +09:00


<?php
namespace App\Providers;
use App\Support\PasswordPolicy;
use Carbon\CarbonImmutable;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Date;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\ServiceProvider;
use Illuminate\Validation\Rules\Password;
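class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * Intentionally empty: this provider registers no container bindings.
     */
    public function register(): void
    {
        //
    }

    /**
     * Bootstrap any application services.
     *
     * Applies the application-wide defaults first, then defines the named
     * rate limiters.
     */
    public function boot(): void
    {
        $this->configureDefaults();
        $this->configureRateLimiting();
    }

    /**
     * Configure default behaviors for production-ready applications.
     *
     * - Date facade produces CarbonImmutable instances.
     * - Destructive database commands are prohibited when the application
     *   reports that it runs in production.
     * - Password::defaults() resolves to the rule built by PasswordPolicy.
     */
    protected function configureDefaults(): void
    {
        Date::use(CarbonImmutable::class);

        DB::prohibitDestructiveCommands(
            app()->isProduction(),
        );

        // Single application-wide password policy (measure ИАФ.3).
        // NOTE(review): the actual requirements (length, character classes,
        // breach check, ...) live in PasswordPolicy::rule(), which is not
        // visible here. They only apply to validators that use
        // Password::defaults(); confirm no form builds its own rule.
        Password::defaults(fn (): Password => PasswordPolicy::rule());
    }

    /**
     * Request rate limiting (measures ИАФ.6, УПД.6; brute-force protection).
     *
     * Defines two named limiters:
     * - "login": security.lockout.max_attempts attempts per
     *   security.lockout.decay_minutes minutes, bucketed by lower-cased
     *   e-mail plus client IP.
     * - "api": 60 requests per minute, bucketed by authenticated user id,
     *   falling back to the client IP for anonymous requests.
     *
     * NOTE(review): a named limiter only takes effect on routes that attach
     * the matching throttle middleware; the route definitions are not visible
     * here, so verify that the login and API routes actually reference them.
     */
    protected function configureRateLimiting(): void
    {
        RateLimiter::for('login', function (Request $request): Limit {
            // A missing or non-numeric config entry casts to 0. A limiter
            // built with zero attempts or a zero-length window has
            // store-dependent behaviour and may leave the throttle
            // ineffective. Clamp both values to at least 1, so that a
            // misconfiguration degrades to the strictest limit instead of
            // silently weakening the lockout.
            $maxAttempts = max(1, (int) config('security.lockout.max_attempts'));
            $decayMinutes = max(1, (int) config('security.lockout.decay_minutes'));

            // Lower-casing keeps case variants of one address in one bucket.
            // NOTE(review): the bucket is per (e-mail, IP) pair, so attempts
            // against one account from different addresses are counted
            // separately; if a per-account ceiling is required, confirm that
            // it is enforced elsewhere.
            // NOTE(review): $request->ip() is the real client address only
            // when trusted proxies are configured correctly. Behind a load
            // balancer, verify that configuration.
            $bucket = mb_strtolower((string) $request->input('email')).'|'.$request->ip();

            return Limit::perMinutes($decayMinutes, $maxAttempts)->by($bucket);
        });

        // Authenticated callers are limited per user id, anonymous callers
        // per client IP.
        RateLimiter::for('api', fn (Request $request) => Limit::perMinute(60)->by(
            $request->user()?->id ?: $request->ip()
        ));
    }
}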