einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-05 01:15:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3a8775fa52759d9269629d1ef0235feb5784df61
einundzwanzig-app/app/Providers/AppServiceProvider.php
T
HolgerHatGarKeineNode 3a8775fa52 🛡️ **Add robust Livewire payload validation and throttling** 
-  Implemented handling for `CorruptComponentPayloadException` to prevent logging noise and improve exception management.
- 🛠️ Added IP-based throttling (120 requests/min) for the `/livewire/update` endpoint with middleware integration for better traffic control.
-  Introduced unit tests to validate throttle settings and middleware application.
- 🧪 Enhanced tests for ensuring silent handling of corrupt payload scenarios and reduced log noise.
2026-06-04 11:45:02 +02:00

80 lines
2.4 KiB
PHP
Raw Blame History

<?php
namespace App\Providers;
use App\Support\Carbon;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Events\DiagnosingHealth;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Date;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\URL;
use Illuminate\Support\ServiceProvider;
use Laravel\Nightwatch\Facades\Nightwatch;
use Laravel\Nightwatch\Http\Middleware\Sample;
use Livewire\Livewire;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
Date::use(
Carbon::class
);
}
/**
* Bootstrap any application services.
*/
public function boot(): void
{
$this->configureRateLimiting();
if ($this->app->environment('production')) {
URL::forceScheme('https');
}
Livewire::setUpdateRoute(function ($handle) {
return Route::post('/livewire/update', $handle)
->middleware(['web', 'throttle:livewire', Sample::rate(0)]);
});
Nightwatch::user(fn (Authenticatable $user) => [
'name' => $user->name,
]);
Event::listen(function (DiagnosingHealth $event) {
Nightwatch::dontSample();
});
Model::preventLazyLoading(app()->environment('local'));
}
/**
* Configure the rate limiters for the application.
*/
protected function configureRateLimiting(): void
{
RateLimiter::for('calendar', function (Request $request) {
return Limit::perMinute(60)->by($request->ip());
});
// Generous backstop for the shared `/livewire/update` endpoint. A single
// active user stays far below this: the only sustained generator is the
// login page's `wire:poll.4s` at ~15 req/min, plus interaction bursts.
// 120/min leaves headroom for several users behind one NAT while still
// capping abusive replay/scan traffic. Keyed by the real client IP
// (trustProxies('*') resolves X-Forwarded-For).
RateLimiter::for('livewire', function (Request $request) {
return Limit::perMinute(120)->by($request->ip());
});
}
}
Reference in New Issue View Git Blame Copy Permalink