X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/cc10d1ddfc652f6bcf3bbf61d5ec2e2861394c03..refs/pull/5676/head:/app/App/Providers/RouteServiceProvider.php diff --git a/app/App/Providers/RouteServiceProvider.php b/app/App/Providers/RouteServiceProvider.php index abd556244..97c3e7c77 100644 --- a/app/App/Providers/RouteServiceProvider.php +++ b/app/App/Providers/RouteServiceProvider.php @@ -24,10 +24,8 @@ class RouteServiceProvider extends ServiceProvider /** * Define your route model bindings, pattern filters, etc. - * - * @return void */ - public function boot() + public function boot(): void { $this->configureRateLimiting(); @@ -41,10 +39,8 @@ class RouteServiceProvider extends ServiceProvider * Define the "web" routes for the application. * * These routes all receive session state, CSRF protection, etc. - * - * @return void */ - protected function mapWebRoutes() + protected function mapWebRoutes(): void { Route::group([ 'middleware' => 'web', @@ -65,10 +61,8 @@ class RouteServiceProvider extends ServiceProvider * Define the "api" routes for the application. * * These routes are typically stateless. - * - * @return void */ - protected function mapApiRoutes() + protected function mapApiRoutes(): void { Route::group([ 'middleware' => 'api', @@ -81,13 +75,22 @@ class RouteServiceProvider extends ServiceProvider /** * Configure the rate limiters for the application. - * - * @return void */ - protected function configureRateLimiting() + protected function configureRateLimiting(): void { RateLimiter::for('api', function (Request $request) { return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip()); }); + + RateLimiter::for('public', function (Request $request) { + return Limit::perMinute(10)->by($request->ip()); + }); + + RateLimiter::for('exports', function (Request $request) { + $user = user(); + $attempts = $user->isGuest() ? 4 : 10; + $key = $user->isGuest() ? $request->ip() : $user->id; + return Limit::perMinute($attempts)->by($key); + }); } }