35 lines
1.1 KiB
PHP
35 lines
1.1 KiB
PHP
<?php declare(strict_types=1);
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Illuminate\Auth\AuthenticationException;
|
|
use Illuminate\Http\Response;
|
|
use Illuminate\Support\Facades\RateLimiter;
|
|
use Illuminate\Http\Request;
|
|
use Closure;
|
|
use Illuminate\Routing\Exceptions\MissingRateLimiterException;
|
|
|
|
final class RegistryAuthNotification
|
|
{
|
|
/**
|
|
* @throws AuthenticationException | MissingRateLimiterException
|
|
*/
|
|
public function handle(Request $request, Closure $next)
|
|
{
|
|
|
|
if (RateLimiter::tooManyAttempts(key: 'registry-auth-notification:' . $request->getClientIp(), maxAttempts: 3)) {
|
|
$message = __('http-statuses.' . Response::HTTP_TOO_MANY_REQUESTS, [], 'en');
|
|
\abort(
|
|
new Response($message, Response::HTTP_TOO_MANY_REQUESTS)
|
|
);
|
|
}
|
|
|
|
if ($request->header('authorization') !== config('registry.token_for_notifications')) {
|
|
RateLimiter::increment(key: 'registry-auth-notification:' . $request->getClientIp(), decaySeconds: 600);
|
|
throw new \Illuminate\Auth\AuthenticationException();
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|