w33b/hstream
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix rate limit and make it more strict (1 message in 5 minutes)

Browse Source
This commit is contained in:
w33b
2026-01-10 22:15:50 +01:00
parent 268e3eb4c2
commit dfedf4058e
2 changed files with 6 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Livewire/Comment.php
View File

@@ -85,15 +85,16 @@ class Comment extends Component
$user = auth()->user(); $user = auth()->user();
$rateLimitKey = "send-comment:{$user->id}"; $rateLimitKey = "send-comment:{$user->id}";
$rateLimitMinutes = 60 * 5; // 5 minutes
if (RateLimiter::tooManyAttempts($rateLimitKey, 5)) { if (RateLimiter::tooManyAttempts($rateLimitKey, 1)) {
$seconds = RateLimiter::availableIn($rateLimitKey); $seconds = RateLimiter::availableIn($rateLimitKey);
$this->addError('replyState.body', "Too many comments. Try again in {$seconds} seconds."); $this->addError('replyState.body', "Too many comments. Try again in {$seconds} seconds.");
return; return;
} }
RateLimiter::hit($rateLimitKey, 60); RateLimiter::hit($rateLimitKey, $rateLimitMinutes);
$this->validate([ $this->validate([
'replyState.body' => 'required' 'replyState.body' => 'required'

8
app/Livewire/Comments.php
View File

@@ -31,20 +31,18 @@ class Comments extends Component
'newCommentState.body' => 'required' 'newCommentState.body' => 'required'
]); ]);
$this->addError('newCommentState.body', "Too many comments. Try again in 1 seconds.");
return;
$user = auth()->user(); $user = auth()->user();
$rateLimitKey = "send-comment:{$user->id}"; $rateLimitKey = "send-comment:{$user->id}";
$rateLimitMinutes = 60 * 5; // 5 minutes
if (RateLimiter::tooManyAttempts($rateLimitKey, 5)) { if (RateLimiter::tooManyAttempts($rateLimitKey, 1)) {
$seconds = RateLimiter::availableIn($rateLimitKey); $seconds = RateLimiter::availableIn($rateLimitKey);
$this->addError('newCommentState.body', "Too many comments. Try again in {$seconds} seconds."); $this->addError('newCommentState.body', "Too many comments. Try again in {$seconds} seconds.");
return; return;
} }
RateLimiter::hit($rateLimitKey, 60); RateLimiter::hit($rateLimitKey, $rateLimitMinutes);
$comment = $this->model->comments()->make($this->newCommentState); $comment = $this->model->comments()->make($this->newCommentState);
$comment->user()->associate($user); $comment->user()->associate($user);