Merge pull request #123 from GrahamForks/throttling

Added login throttling
Graham Campbell
2014-12-30 12:43:15 +00:00
18 changed files with 174 additions and 20 deletions


@@ -123,6 +123,7 @@ return [
'Illuminate\Workbench\WorkbenchServiceProvider',
'Dingo\Api\Provider\ApiServiceProvider',
'GrahamCampbell\Throttle\ThrottleServiceProvider',
'Thujohn\Rss\RssServiceProvider',
'CachetHQ\Cachet\Support\ServiceProviders\RepositoryServiceProvider',
@@ -196,8 +197,9 @@ return [
'Validator' => 'Illuminate\Support\Facades\Validator',
'View' => 'Illuminate\Support\Facades\View',
'API' => 'Dingo\Api\Facade\API',
'RSS' => 'Thujohn\Rss\RssFacade',
'API' => 'Dingo\Api\Facade\API',
'Throttle' => 'GrahamCampbell\Throttle\Facades\Throttle',
'RSS' => 'Thujohn\Rss\RssFacade',
],


@@ -15,7 +15,7 @@ return [
|
*/
'driver' => 'file',
'driver' => 'apc',
/*
|--------------------------------------------------------------------------
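Review bot: Changing the application-wide default cache `'driver'` to `'apc'` (which appears to be the new side here, since the throttle config added in this commit requires a tag-capable driver) ties every install to the APC extension and makes the login-throttle counters local to one PHP host. Behind more than one web server each node would presumably keep its own count, so the effective limit becomes the configured limit multiplied by the number of nodes. The throttle config published in this commit has its own `'driver'` key, so consider leaving the default alone and pointing only the throttle at a shared, tag-capable store. Either way a comment above the line, such as `// must support cache tags: login throttle counters are stored here`, would record why the value changed.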


@@ -0,0 +1,35 @@
<?php
/*
* This file is part of Laravel Throttle by Graham Campbell.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at http://bit.ly/UWsjkb.
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
return [
/*
|--------------------------------------------------------------------------
| Cache Driver
|--------------------------------------------------------------------------
|
| This defines the cache driver to be used. It may be the name of any
| driver set in app/config/cache.php. Setting it to null will use the
| driver you have set as default in app/config/cache.php. Please note that
| a driver that supports cache tags is required.
|
| Default: null
|
*/
'driver' => null,
];


@@ -1,12 +1,13 @@
<?php
/**
* Logs users into their account
* Logs users into their account.
*/
class AuthController extends Controller
{
/**
* Shows the login view.
*
* @return \Illuminate\View\View
*/
public function showLogin()
@@ -16,6 +17,7 @@ class AuthController extends Controller
/**
* Logs the user in.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function postLogin()
@@ -23,6 +25,8 @@ class AuthController extends Controller
if (Auth::attempt(Input::only(['email', 'password']))) {
return Redirect::intended('dashboard');
} else {
Throttle::hit(Request::instance(), 10, 10);
return Redirect::back()
->withInput(Input::except('password'))
->with('error', 'Invalid email or password');
@@ -31,6 +35,7 @@ class AuthController extends Controller
/**
* Logs the user out, deleting their session etc.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function logoutAction()
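Review bot: The `Throttle::hit(Request::instance(), 10, 10);` call in the failure branch of `postLogin` repeats the same two literals that `LoginThrottlingFilter` passes to `Throttle::check`, and the two calls have to stay identical for the filter to see these hits. Moving both values into one config entry would prevent drift; at minimum add `// limit and window must match LoginThrottlingFilter's Throttle::check() call` above the line. The counter is derived from the request object rather than the submitted email, so it presumably limits one client and not guessing against a single account from many clients, which is worth confirming against the package. `postLogin` starts and ends outside this hunk.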


@@ -4,6 +4,7 @@ class DashComponentController extends Controller
{
/**
* Shows the components view.
*
* @return \Illuminate\View\View
*/
public function showComponents()
@@ -18,7 +19,9 @@ class DashComponentController extends Controller
/**
* Shows the edit component view.
* @param Component $component
*
* @param \Component $component
*
* @return \Illuminate\View\View
*/
public function showEditComponent(Component $component)
@@ -31,6 +34,9 @@ class DashComponentController extends Controller
/**
* Updates a component.
*
* @param \Component $component
*
* @return \Illuminate\Http\RedirectResponse
*/
public function updateComponentAction(Component $component)
@@ -43,6 +49,7 @@ class DashComponentController extends Controller
/**
* Shows the add component view.
*
* @return \Illuminate\View\View
*/
public function showAddComponent()
@@ -54,6 +61,7 @@ class DashComponentController extends Controller
/**
* Creates a new component.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function createComponentAction()
@@ -66,7 +74,9 @@ class DashComponentController extends Controller
/**
* Deletes a given component.
* @param Component $component
*
* @param \Component $component
*
* @return \Illuminate\Http\RedirectResponse
*/
public function deleteComponentAction(Component $component)


@@ -4,6 +4,7 @@ class DashIncidentController extends Controller
{
/**
* Shows the incidents view.
*
* @return \Illuminate\View\View
*/
public function showIncidents()
@@ -18,6 +19,7 @@ class DashIncidentController extends Controller
/**
* Shows the add incident view.
*
* @return \Illuminate\View\View
*/
public function showAddIncident()
@@ -29,6 +31,7 @@ class DashIncidentController extends Controller
/**
* Shows the add incident template view.
*
* @return \Illuminate\View\View
*/
public function showAddIncidentTemplate()
@@ -40,6 +43,7 @@ class DashIncidentController extends Controller
/**
* Creates a new incident template.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function createIncidentTemplateAction()
@@ -52,6 +56,7 @@ class DashIncidentController extends Controller
/**
* Creates a new incident.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function createIncidentAction()
@@ -64,7 +69,9 @@ class DashIncidentController extends Controller
/**
* Deletes a given incident.
* @param Incident $incident
*
* @param \Incident $incident
*
* @return \Illuminate\Http\RedirectResponse
*/
public function deleteIncidentAction(Incident $incident)


@@ -4,6 +4,7 @@ class DashSettingsController extends Controller
{
/**
* Shows the settings view.
*
* @return \Illuminate\View\View
*/
public function showSettings()
@@ -15,6 +16,7 @@ class DashSettingsController extends Controller
/**
* Updates the statsu page settings.
*
* @return \Illuminate\View\View
*/
public function postSettings()


@@ -4,6 +4,7 @@ class DashUserController extends Controller
{
/**
* Shows the user view.
*
* @return \Illuminate\View\View
*/
public function showUser()
@@ -15,6 +16,7 @@ class DashUserController extends Controller
/**
* Updates the current user.
*
* @return \Illuminate\View\View
*/
public function postUser()


@@ -4,6 +4,7 @@ class DashboardController extends Controller
{
/**
* Shows the dashboard view.
*
* @return \Illuminate\View\View
*/
public function showDashboard()
@@ -14,6 +15,7 @@ class DashboardController extends Controller
/**
* Shows the metrics view.
*
* @return \Illuminate\View\View
*/
public function showMetrics()
@@ -25,6 +27,7 @@ class DashboardController extends Controller
/**
* Shows the notifications view.
*
* @return \Illuminate\View\View
*/
public function showNotifications()


@@ -3,10 +3,19 @@
class HomeController extends Controller
{
/**
* @var Component $component
* The component instance.
*
* @var \Component $component
*/
protected $component;
/**
* Create a new home controller instance.
*
* @param \Component $component
*
* @return void
*/
public function __construct(Component $component)
{
$this->component = $component;
@@ -14,6 +23,7 @@ class HomeController extends Controller
/**
* Returns the rendered Blade templates.
*
* @return \Illuminate\View\View
*/
public function showIndex()


@@ -4,22 +4,23 @@ class RSSController extends Controller
{
/**
* Generates an RSS feed of all incidents.
*
* @return \Illuminate\Http\Response
*/
public function feedAction()
{
$feed = RSS::feed('2.0', 'UTF-8');
$feed->channel([
'title' => Setting::get('app_name'),
'description' => 'Status Feed',
'link' => Setting::get('app_domain'),
'title' => Setting::get('app_name'),
'description' => 'Status Feed',
'link' => Setting::get('app_domain'),
]);
Incident::get()->map(function ($incident) use ($feed) {
$componentName = null;
$component = $incident->component;
if ($component) {
$componentName = $component->name;
if ($incident->component) {
$componentName = $incident->component->name;
} else {
$componentName = null;
}
$feed->item([
@@ -32,8 +33,6 @@ class RSSController extends Controller
]);
});
return Response::make($feed, 200, [
'Content-Type' => 'text/xml'
]);
return Response::make($feed, 200, ['Content-Type' => 'text/xml']);
}
}


@@ -2,6 +2,11 @@
class SetupController extends Controller
{
/**
* Create a new setup controller instance.
*
* @return void
*/
public function __construct()
{
$this->beforeFilter('csrf', ['only' => ['postCachet']]);
@@ -9,6 +14,7 @@ class SetupController extends Controller
/**
* Returns the setup page.
*
* @return \Illuminate\View\View
*/
public function getIndex()
@@ -20,6 +26,7 @@ class SetupController extends Controller
/**
* Handles the actual app setup.
*
* @return \Illuminate\Http\RedirectResponse
*/
public function postIndex()
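Review bot: The constructor's `$this->beforeFilter('csrf', ['only' => ['postCachet']]);` names `postCachet`, but the only POST handler visible in these hunks is `postIndex`, so the CSRF filter may not be covering the setup form at all. If no `postCachet` method exists in the parts of the class outside the hunks, the line should read `$this->beforeFilter('csrf', ['only' => ['postIndex']]);`. The constructor docblock added here could also state which action the filter is meant to protect.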


@@ -4,6 +4,7 @@ Route::filter('is_setup', 'IsSetupFilter');
Route::filter('has_setting', 'HasSettingFilter');
Route::filter('cors', 'CORSFilter');
Route::filter('allowed_domains', 'AllowedDomainsFilter');
Route::filter('login_throttling', 'LoginThrottlingFilter');
/*
|--------------------------------------------------------------------------


@@ -0,0 +1,16 @@
<?php
class LoginThrottlingFilter
{
public function filter($route, $request, $response)
{
// check if we've reached the rate limit, but don't hit the throttle yet
// we can hit the throttle later on in the if validation passes
if (!Throttle::check($request, 10, 10)) {
return Redirect::back()
->with('error', 'You have made too many login requests.');
}
return $response;
}
}
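Review bot: `filter($route, $request, $response)` ends with `return $response;`, but the routes file registers `login_throttling` under `'before'`, where no response exists yet and, as far as Laravel 4 route filters go, any non-null return value replaces the controller's response. A before filter should take `($route, $request)` and fall through when the check passes, so drop the third parameter and the final `return $response;`. The inline comment also reads as if the hit is recorded when validation passes, while `AuthController::postLogin` records it on failure; `// only check here; AuthController::postLogin records the hit when the credentials are rejected` would match the code.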


@@ -2,7 +2,7 @@
Route::group(['before' => 'has_setting:app_name'], function () {
Route::get('/auth/login', ['before' => 'guest', 'as' => 'login', 'uses' => 'AuthController@showLogin']);
Route::post('/auth/login', ['before' => 'guest|csrf', 'as' => 'logout', 'uses' => 'AuthController@postLogin']);
Route::post('/auth/login', ['before' => 'guest|csrf|login_throttling', 'as' => 'logout', 'uses' => 'AuthController@postLogin']);
});
Route::get('/auth/logout', ['before' => 'auth', 'as' => 'logout', 'uses' => 'AuthController@logoutAction']);
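Review bot: The rewritten POST `/auth/login` line still carries `'as' => 'logout'`, the same name as the GET `/auth/logout` route below it, so one of the two named routes shadows the other. Since the line is being touched anyway, give it its own name or drop the `as` key, e.g. `['before' => 'guest|csrf|login_throttling', 'uses' => 'AuthController@postLogin']`. Separately, the logout route is a GET with only the `auth` filter and so has no CSRF protection; that line is context here and not part of this change.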


@@ -13,6 +13,7 @@
"laravel/framework": "4.2.*",
"guzzlehttp/guzzle": "~5.0",
"dingo/api": "0.8.*",
"graham-campbell/throttle": "~2.0",
"watson/validating": "0.10.*",
"thujohn/rss": "~1.0",
"doctrine/dbal": "2.5.*",

56
composer.lock generated

@@ -4,7 +4,7 @@
"Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "2b05058fab4b2fa831e500985b506c1f",
"hash": "def3f0fcb615467e21e9eccf44a39a73",
"packages": [
{
"name": "classpreloader/classpreloader",
@@ -768,6 +768,59 @@
],
"time": "2014-10-26 09:05:09"
},
{
"name": "graham-campbell/throttle",
"version": "v2.0.1",
"source": {
"type": "git",
"url": "https://github.com/GrahamCampbell/Laravel-Throttle.git",
"reference": "0c75b729efa7dea6ec8e4182bf3f5ebe0cb9f003"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/GrahamCampbell/Laravel-Throttle/zipball/0c75b729efa7dea6ec8e4182bf3f5ebe0cb9f003",
"reference": "0c75b729efa7dea6ec8e4182bf3f5ebe0cb9f003",
"shasum": ""
},
"require": {
"illuminate/cache": "~4.1",
"illuminate/http": "~4.1",
"illuminate/support": "~4.1",
"php": ">=5.4.7"
},
"require-dev": {
"graham-campbell/testbench": "~1.0"
},
"type": "library",
"autoload": {
"psr-4": {
"GrahamCampbell\\Throttle\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"Apache-2.0"
],
"authors": [
{
"name": "Graham Campbell",
"email": "graham@mineuk.com"
}
],
"description": "Throttle Is A Rate Limiter For Laravel 4.1/4.2",
"keywords": [
"Graham Campbell",
"GrahamCampbell",
"Laravel Throttle",
"Laravel-Throttle",
"framework",
"laravel",
"rate limit",
"throttle",
"throttling"
],
"time": "2014-10-30 13:45:51"
},
{
"name": "guzzlehttp/guzzle",
"version": "5.1.0",
@@ -3477,6 +3530,7 @@
"minimum-stability": "stable",
"stability-flags": [],
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
"php": ">=5.4"
},