Update api.php

2024-06-02 10:54:44 +12:00 · 2021-11-09 14:07:10 +00:00 · 2021-11-09 14:07:10 +00:00 · b78715f353
parent 24b747453f
commit b78715f353
1 changed files with 12 additions and 17 deletions
--- a/app/controllers/shared/api.php
+++ b/app/controllers/shared/api.php
@ -39,32 +39,26 @@ App::init(function ($utopia, $request, $response, $project, $user, $register, $e
     */
    $abuseKeyLabel = $route->getLabel('abuse-key', 'url:{url},ip:{ip}');
    $timeLimitArray = [];
-    if (is_array($abuseKeyLabel)) {
-        for ($i = 0; $i < count($abuseKeyLabel); $i++)  {
-            $timeLimit = new TimeLimit($abuseKeyLabel[$i], $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600), $db);
-            $timeLimit->setNamespace('app_'.$project->getId());
-            $timeLimit
-                ->setParam('{userId}', $user->getId())
-                ->setParam('{userAgent}', $request->getUserAgent(''))
-                ->setParam('{ip}', $request->getIP())
-                ->setParam('{url}', $request->getHostname().$route->getPath())
-            ;
-            $timeLimitArray[] = $timeLimit;
-        }
-    } else {
-        $timeLimit = new TimeLimit($abuseKeyLabel, $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600), $db);
+
+    if (!is_array($abuseKeyLabel)) {
+        $abuseKeyLabel = [$abuseKeyLabel];
+    }
+
+    foreach ($abuseKeyLabel as $abuseKey) {
+        $timeLimit = new TimeLimit($abuseKey, $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600), $db);
        $timeLimit->setNamespace('app_'.$project->getId());
        $timeLimit
            ->setParam('{userId}', $user->getId())
            ->setParam('{userAgent}', $request->getUserAgent(''))
            ->setParam('{ip}', $request->getIP())
-            ->setParam('{url}', $request->getHostname().$route->getPath())
-        ;
+            ->setParam('{url}', $request->getHostname().$route->getPath());
        $timeLimitArray[] = $timeLimit;
    }

    //TODO make sure we get array here

+    $closestLimit = 999;
+
    foreach ($timeLimitArray as $timeLimit) {
        foreach ($request->getParams() as $key => $value) { // Set request params as potential abuse keys
            if(!empty($value)) {
@ -74,7 +68,8 @@ App::init(function ($utopia, $request, $response, $project, $user, $register, $e

        $abuse = new Abuse($timeLimit);

-        if ($timeLimit->limit()) {
+        if ($timeLimit->limit() && $timeLimit->remaining() < $closestLimit) {
+            $closestLimit = $timeLimit->remaining();
            $response
                ->addHeader('X-RateLimit-Limit', $timeLimit->limit())
                ->addHeader('X-RateLimit-Remaining', $timeLimit->remaining())