‪TYPO3CMS  ‪main
RateLimiterFactory.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\RateLimiter;
19 
20 use Psr\Http\Message\ServerRequestInterface;
21 use Symfony\Component\RateLimiter\LimiterInterface;
22 use Symfony\Component\RateLimiter\RateLimiterFactory as SymfonyRateLimiterFactory;
23 use Symfony\Component\RateLimiter\Storage\InMemoryStorage;
24 use ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
25 use ‪TYPO3\CMS\Core\Http\NormalizedParams;
26 use ‪TYPO3\CMS\Core\RateLimiter\Storage\CachingFrameworkStorage;
27 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
28 
32 class ‪RateLimiterFactory
33 {
34  public function ‪createLoginRateLimiter(‪AbstractUserAuthentication $userAuthentication, ServerRequestInterface $request): LimiterInterface
35  {
36  $loginType = $userAuthentication->loginType;
37  $normalizedParams = $request->getAttribute('normalizedParams') ?? ‪NormalizedParams::createFromRequest($request);
38  $remoteIp = $normalizedParams->getRemoteAddress();
39  $limiterId = sha1('typo3-login-' . $loginType);
40  $limit = (int)(‪$GLOBALS['TYPO3_CONF_VARS'][$loginType]['loginRateLimit'] ?? 5);
41  $interval = ‪$GLOBALS['TYPO3_CONF_VARS'][$loginType]['loginRateLimitInterval'] ?? '15 minutes';
42 
43  // If not enabled, return a null limiter
44  $enabled = !$this->‪isIpExcluded($loginType, $remoteIp) && $limit > 0;
45 
46  $config = [
47  'id' => $limiterId,
48  'policy' => ($enabled ? 'sliding_window' : 'no_limit'),
49  'limit' => $limit,
50  'interval' => $interval,
51  ];
52  $storage = ($enabled ? GeneralUtility::makeInstance(CachingFrameworkStorage::class) : new InMemoryStorage());
53  $limiterFactory = new SymfonyRateLimiterFactory(
54  $config,
55  $storage
56  );
57  return $limiterFactory->create($remoteIp);
58  }
59 
60  protected function ‪isIpExcluded(string $loginType, string $remoteAddress): bool
61  {
62  $ipMask = trim(‪$GLOBALS['TYPO3_CONF_VARS'][$loginType]['loginRateLimitIpExcludeList'] ?? '');
63  return ‪GeneralUtility::cmpIP($remoteAddress, $ipMask);
64  }
65 }
‪TYPO3\CMS\Core\RateLimiter
Definition: RateLimiterFactory.php:18
‪TYPO3\CMS\Core\RateLimiter\RateLimiterFactory\isIpExcluded
‪isIpExcluded(string $loginType, string $remoteAddress)
Definition: RateLimiterFactory.php:60
‪TYPO3\CMS\Core\Utility\GeneralUtility\cmpIP
‪static bool cmpIP(string $baseIP, string $list)
Definition: GeneralUtility.php:113
‪TYPO3\CMS\Core\RateLimiter\Storage\CachingFrameworkStorage
Definition: CachingFrameworkStorage.php:34
‪TYPO3\CMS\Core\RateLimiter\RateLimiterFactory
Definition: RateLimiterFactory.php:33
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\RateLimiter\RateLimiterFactory\createLoginRateLimiter
‪createLoginRateLimiter(AbstractUserAuthentication $userAuthentication, ServerRequestInterface $request)
Definition: RateLimiterFactory.php:34
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:52
‪TYPO3\CMS\Core\Http\NormalizedParams\createFromRequest
‪static static createFromRequest(ServerRequestInterface $request, array $systemConfiguration=null)
Definition: NormalizedParams.php:840
‪TYPO3\CMS\Core\Http\NormalizedParams
Definition: NormalizedParams.php:38
‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
Definition: AbstractUserAuthentication.php:65