endpoint_repository = $endpoint_repository; $this->endpoint_rate_limit_by_ip_repository = $endpoint_rate_limit_by_ip_repository; } /** * @param \Illuminate\Http\Request $request * @param Closure $next * @param int $max_attempts * @param int $decay_minutes * @return \Illuminate\Http\Response|mixed */ public function handle($request, Closure $next, $max_attempts = 0, $decay_minutes = 0) { $route = RequestUtils::getCurrentRoutePath($request); $method = $request->getMethod(); $endpoint = $this->endpoint_repository->getApiEndpointByUrlAndMethod($route, $method); $key = $this->resolveRequestSignature($request); $client_ip = $request->getClientIp(); if (!is_null($endpoint) && $endpoint->getRateLimit() > 0) { $max_attempts = $endpoint->getRateLimit(); } if (!is_null($endpoint) && $endpoint->getRateLimitDecay() > 0) { $decay_minutes = $endpoint->getRateLimitDecay(); } $endpoint_rate_limit_by_ip = $this->endpoint_rate_limit_by_ip_repository->getByIPRouteMethod ( $client_ip, $route, $method ); if(!is_null($endpoint_rate_limit_by_ip)){ $max_attempts = $endpoint_rate_limit_by_ip->getRateLimit(); $decay_minutes = $endpoint_rate_limit_by_ip->getRateLimitDecay(); } if ($max_attempts == 0 || $decay_minutes == 0) { // short circuit (infinite) return $next($request); } if ($this->limiter->tooManyAttempts($key, $max_attempts, $decay_minutes)) { return $this->buildResponse($key, $max_attempts); } $this->limiter->hit($key, $decay_minutes); $response = $next($request); return $this->addHeaders( $response, $max_attempts, $this->calculateRemainingAttempts($key, $max_attempts) ); } }