<?php
namespace App\Providers;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * Currently a no-op: nothing is bound into the container here.
     */
    public function register(): void
    {
        // Intentionally empty.
    }

    /**
     * Bootstrap any application services.
     *
     * Defines three named rate limiters:
     *  - 'login':    5 requests per minute, keyed by client IP, JSON 429 on rejection.
     *  - 'register': 10 requests per hour, keyed by client IP, JSON 429 on rejection.
     *  - 'api':      60 requests per minute, keyed by the authenticated user's id,
     *                or by client IP when there is no user (or the id is falsy).
     *
     * NOTE(review): these definitions only name the limiters; confirm the
     * corresponding routes actually attach them (route files are not visible here).
     *
     * NOTE(review): the value of $request->ip() depends on the application's
     * trusted-proxy configuration, which is not shown here. Behind a reverse
     * proxy or load balancer, confirm it resolves to the real client address;
     * otherwise every client may share one bucket, or the key may follow a
     * client-supplied forwarding header.
     */
    public function boot(): void
    {
        // Builds the rejection callback shared by the auth limiters: a JSON body
        // with success=false and the given message, sent with HTTP status 429.
        $tooManyAttempts = fn (string $message) => fn () => response()->json([
            'success' => false,
            'message' => $message,
        ], 429);

        // Rate limiting for authentication (brute-force protection).
        // NOTE(review): the key is the source address only, so this bounds
        // attempts per address, not per account. Consider returning an array of
        // limits that also includes one keyed by the submitted account
        // identifier (the login field name is not visible here).
        RateLimiter::for('login', fn (Request $request) => Limit::perMinute(5)
            ->by($request->ip())
            ->response($tooManyAttempts('Muitas tentativas de login. Tente novamente em 1 minuto.')));

        // Same scheme for account creation, with an hourly window.
        RateLimiter::for('register', fn (Request $request) => Limit::perHour(10)
            ->by($request->ip())
            ->response($tooManyAttempts('Muitas tentativas de registro. Tente novamente mais tarde.')));

        // Rate limiting for the general API (abuse protection).
        // No custom response is set here, so the framework's default rejection
        // applies rather than the JSON shape used above.
        RateLimiter::for('api', function (Request $request) {
            // `?:` tests truthiness: a missing user or a falsy id falls back to the IP.
            $bucketKey = $request->user()?->id ?: $request->ip();

            return Limit::perMinute(60)->by($bucketKey);
        });
    }
}