DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-12-25 21:54:14 -08:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Merge pull request #10734 from snipe/fixes/api_throttling

Browse source 
Fixed API throttling
This commit is contained in:
snipe 2022-02-24 13:43:49 -08:00 committed by GitHub
parent a8028e7dd0 83f21d0ddf
commit 4b7f45a15e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 21 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.env.example
View file

@ -153,4 +153,4 @@ IMPORT_TIME_LIMIT=600
IMPORT_MEMORY_LIMIT=500M IMPORT_MEMORY_LIMIT=500M
REPORT_TIME_LIMIT=12000 REPORT_TIME_LIMIT=12000
REQUIRE_SAML=false REQUIRE_SAML=false
API_THROTTLE_PER_MINUTE=120

4
app/Exceptions/Handler.php
View file

@ -84,10 +84,12 @@ class Handler extends ExceptionHandler
switch ($e->getStatusCode()) { switch ($e->getStatusCode()) {
case '404': case '404':
return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404); return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404);
case '429':
return response()->json(Helper::formatStandardApiResponse('error', null, 'Too many requests'), 429);
case '405': case '405':
return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405); return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
default: default:
return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), 405); return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), $statusCode);
} }
} }

1
app/Http/Kernel.php
View file

@ -45,7 +45,6 @@ class Kernel extends HttpKernel
], ],
'api' => [ 'api' => [
'throttle:120,1',
'auth:api', 'auth:api',
], ],
]; ];

11
config/app.php
View file

@ -425,4 +425,15 @@ return [
], ],
/*
|--------------------------------------------------------------------------
| API Throttling
|--------------------------------------------------------------------------
|
| This value determines the number of API requests permitted per minute
|
*/
'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),
]; ];

6
routes/api.php
View file

@ -11,10 +11,14 @@ use Illuminate\Http\Request;
| routes are loaded by the RouteServiceProvider within a group which | routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API! | is assigned the "api" middleware group. Enjoy building your API!
| |
| We *could* put the middleware speficication in the RouteServiceProvider's mapApiRoutes()
| method, but we felt it was clearer to keep it here, since we look at the api routes for more
| often than we look at the RouteServiceProvider. - @snipe
|
*/ */
Route::group(['prefix' => 'v1','namespace' => 'Api', 'middleware' => 'auth:api'], function () { Route::group(['prefix' => 'v1','namespace' => 'Api', 'middleware' => ['api', 'throttle:'.config('app.api_throttle_per_minute').',1']], function () {
Route::get('/', function() { Route::get('/', function() {