Security hardening - Rate limiter
This commit is contained in:
parent
7611d24e06
commit
e61553af4b
@ -46,7 +46,7 @@ final class RateLimiterFactory
|
|||||||
|
|
||||||
public function create(?string $key = null): LimiterInterface
|
public function create(?string $key = null): LimiterInterface
|
||||||
{
|
{
|
||||||
$id = $this->config['id'].$key;
|
$id = $this->config['id'].'-'.$key;
|
||||||
$lock = $this->lockFactory ? $this->lockFactory->createLock($id) : new NoLock();
|
$lock = $this->lockFactory ? $this->lockFactory->createLock($id) : new NoLock();
|
||||||
|
|
||||||
switch ($this->config['policy']) {
|
switch ($this->config['policy']) {
|
||||||
|
@ -41,7 +41,7 @@ final class DefaultLoginRateLimiter extends AbstractRequestRateLimiter
|
|||||||
{
|
{
|
||||||
return [
|
return [
|
||||||
$this->globalFactory->create($request->getClientIp()),
|
$this->globalFactory->create($request->getClientIp()),
|
||||||
$this->localFactory->create($request->attributes->get(Security::LAST_USERNAME).$request->getClientIp()),
|
$this->localFactory->create($request->attributes->get(Security::LAST_USERNAME).'-'.$request->getClientIp()),
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user