vendor/noxlogic/ratelimit-bundle/Noxlogic/RateLimitBundle/EventListener/RateLimitAnnotationListener.php line 53

Open in your IDE?
  1. <?php
  3. namespace Noxlogic\RateLimitBundle\EventListener;
  5. use Noxlogic\RateLimitBundle\Annotation\RateLimit;
  6. use Noxlogic\RateLimitBundle\Events\CheckedRateLimitEvent;
  7. use Noxlogic\RateLimitBundle\Events\GenerateKeyEvent;
  8. use Noxlogic\RateLimitBundle\Events\RateLimitEvents;
  9. use Noxlogic\RateLimitBundle\Exception\RateLimitExceptionInterface;
  10. use Noxlogic\RateLimitBundle\Service\RateLimitService;
  11. use Noxlogic\RateLimitBundle\Util\PathLimitProcessor;
  12. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
  16. use Symfony\Component\HttpKernel\HttpKernelInterface;
  17. use Symfony\Component\Routing\Route;
  19. class RateLimitAnnotationListener extends BaseListener
  20. {
  22.     /**
  23.      * @var eventDispatcherInterface
  24.      */
  25.     protected $eventDispatcher;
  27.     /**
  28.      * @var \Noxlogic\RateLimitBundle\Service\RateLimitService
  29.      */
  30.     protected $rateLimitService;
  32.     /**
  33.      * @var \Noxlogic\RateLimitBundle\Util\PathLimitProcessor
  34.      */
  35.     protected $pathLimitProcessor;
  37.     /**
  38.      * @param RateLimitService                    $rateLimitService
  39.      */
  40.     public function __construct(
  41.         EventDispatcherInterface $eventDispatcher,
  42.         RateLimitService $rateLimitService,
  43.         PathLimitProcessor $pathLimitProcessor
  44.     ) {
  45.         $this->eventDispatcher $eventDispatcher;
  46.         $this->rateLimitService $rateLimitService;
  47.         $this->pathLimitProcessor $pathLimitProcessor;
  48.     }
  50.     /**
  51.      * @param FilterControllerEvent $event
  52.      */
  53.     public function onKernelController(FilterControllerEvent $event)
  54.     {
  55.         // Skip if the bundle isn't enabled (for instance in test environment)
  56.         if( ! $this->getParameter('enabled'true)) {
  57.             return;
  58.         }
  60.         // Skip if we aren't the main request
  61.         if ($event->getRequestType() != HttpKernelInterface::MASTER_REQUEST) {
  62.             return;
  63.         }
  65.         // Find the best match
  66.         $annotations $event->getRequest()->attributes->get('_x-rate-limit', array());
  67.         $rateLimit $this->findBestMethodMatch($event->getRequest(), $annotations);
  69.         // Another treatment before applying RateLimit ?
  70.         $checkedRateLimitEvent = new CheckedRateLimitEvent($event->getRequest(), $rateLimit);
  71.         $this->eventDispatcher->dispatch(RateLimitEvents::CHECKED_RATE_LIMIT$checkedRateLimitEvent);
  72.         $rateLimit $checkedRateLimitEvent->getRateLimit();
  74.         // No matching annotation found
  75.         if (! $rateLimit) {
  76.             return;
  77.         }
  79.         $key $this->getKey($event$rateLimit$annotations);
  81.         // Ratelimit the call
  82.         $rateLimitInfo $this->rateLimitService->limitRate($key);
  83.         if (! $rateLimitInfo) {
  84.             // Create new rate limit entry for this call
  85.             $rateLimitInfo $this->rateLimitService->createRate($key$rateLimit->getLimit(), $rateLimit->getPeriod());
  86.             if (! $rateLimitInfo) {
  87.                 // @codeCoverageIgnoreStart
  88.                 return;
  89.                 // @codeCoverageIgnoreEnd
  90.             }
  91.         }
  94.         // Store the current rating info in the request attributes
  95.         $request $event->getRequest();
  96.         $request->attributes->set('rate_limit_info'$rateLimitInfo);
  98.         // Reset the rate limits
  99.         if(time() >= $rateLimitInfo->getResetTimestamp()) {
  100.             $this->rateLimitService->resetRate($key);
  101.             $rateLimitInfo $this->rateLimitService->createRate($key$rateLimit->getLimit(), $rateLimit->getPeriod());
  102.             if (! $rateLimitInfo) {
  103.                 // @codeCoverageIgnoreStart
  104.                 return;
  105.                 // @codeCoverageIgnoreEnd
  106.             }
  107.         }
  109.         // When we exceeded our limit, return a custom error response
  110.         if ($rateLimitInfo->getCalls() > $rateLimitInfo->getLimit()) {
  112.             // Throw an exception if configured.
  113.             if ($this->getParameter('rate_response_exception')) {
  114.                 $class $this->getParameter('rate_response_exception');
  116.                 $e = new $class($this->getParameter('rate_response_message'), $this->getParameter('rate_response_code'));
  118.                 if ($e instanceof RateLimitExceptionInterface) {
  119.                     $e->setPayload($rateLimit->getPayload());
  120.                 }
  122.                 throw $e;
  123.             }
  125.             $message $this->getParameter('rate_response_message');
  126.             $code $this->getParameter('rate_response_code');
  127.             $event->setController(function () use ($message$code) {
  128.                 // @codeCoverageIgnoreStart
  129.                 return new Response($message$code);
  130.                 // @codeCoverageIgnoreEnd
  131.             });
  132.             $event->stopPropagation();
  133.         }
  135.     }
  138.     /**
  139.      * @param RateLimit[] $annotations
  140.      */
  141.     protected function findBestMethodMatch(Request $request, array $annotations)
  142.     {
  143.         // Empty array, check the path limits
  144.         if (count($annotations) == 0) {
  145.             return $this->pathLimitProcessor->getRateLimit($request);
  146.         }
  148.         $best_match null;
  149.         foreach ($annotations as $annotation) {
  150.             // cast methods to array, even method holds a string
  151.             $methods is_array($annotation->getMethods()) ? $annotation->getMethods() : array($annotation->getMethods());
  153.             if (in_array($request->getMethod(), $methods)) {
  154.                 $best_match $annotation;
  155.             }
  157.             // Only match "default" annotation when we don't have a best match
  158.             if (count($annotation->getMethods()) == && $best_match == null) {
  159.                 $best_match $annotation;
  160.             }
  161.         }
  163.         return $best_match;
  164.     }
  166.     private function getKey(FilterControllerEvent $eventRateLimit $rateLimit, array $annotations)
  167.     {
  168.         // Let listeners manipulate the key
  169.         $keyEvent = new GenerateKeyEvent($event->getRequest(), ''$rateLimit->getPayload());
  171.         $rateLimitMethods join('.'$rateLimit->getMethods());
  172.         $keyEvent->addToKey($rateLimitMethods);
  174.         $rateLimitAlias count($annotations) === 0
  175.             str_replace('/''.'$this->pathLimitProcessor->getMatchedPath($event->getRequest()))
  176.             : $this->getAliasForRequest($event);
  177.         $keyEvent->addToKey($rateLimitAlias);
  179.         $this->eventDispatcher->dispatch(RateLimitEvents::GENERATE_KEY$keyEvent);
  181.         return $keyEvent->getKey();
  182.     }
  184.     private function getAliasForRequest(FilterControllerEvent $event)
  185.     {
  186.         if (($route $event->getRequest()->attributes->get('_route'))) {
  187.             return $route;
  188.         }
  190.         $controller $event->getController();
  192.         if (is_string($controller) && false !== strpos($controller'::')) {
  193.             $controller explode('::'$controller);
  194.         }
  196.         if (is_array($controller)) {
  197.             return str_replace('\\''.'is_string($controller[0]) ? $controller[0] : get_class($controller[0])) . '.' $controller[1];
  198.         }
  200.         if ($controller instanceof \Closure) {
  201.             return 'closure';
  202.         }
  204.         if (is_object($controller)) {
  205.             return str_replace('\\''.'get_class($controller[0]));
  206.         }
  208.         return 'other';
  209.     }
  210. }