cdonut/laraflood 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

cdonut/laraflood

Composer 安装命令:

composer require cdonut/laraflood

包简介

Flood protection for laravel

README 文档

README

This tool designed for limiting some user requests.

This tool is based on: ircop/Laraflood, I have added / modified things that have been useful for my current project and I publish it in case it can be useful to someone!

INSTALL

1: install via composer

composer require vincendev/laraflood

If you're using laravel 5.5: steps 2 and 3 are not necessary.

2: add service provider to providers array in config/app.php:

Vincendev\Laraflood\LarafloodServiceProvider::class,

3: add facade alias to aliases array in config/app.php:

'Laraflood' => Vincendev\Laraflood\FacadeLaraflood::class,

Usage

Checking for record existance with given identity and add attempt.

$identity - can be ip-address, user id, anything unique. Default is ip-address.

$action - What is the user trying to do? Submit-post, Login, Search, etc. Default is 'default'.

$maxAttempts - How many attempts do you want to give the user? Default is 5.

$seconds - Waiting time after attempts are over. Default is 5 minutes.


Laraflood::check( $identity = 'ip', $action = 'default', $maxAttempts = 5, $seconds = 300 );
Laraflood::check();
Laraflood::check( $user->id , 'submit-comment');
Laraflood::check( $user->id , 'report-comment', 1, 5);

/* Return bool */

Only check without add attempt.

Laraflood::checkOnly( $identity = 'ip', $action = 'default', $maxAttempts = 5, $seconds = 300 );
Laraflood::checkOnly();
Laraflood::checkOnly( $user->id , 'submit-comment');
Laraflood::checkOnly( $user->id , 'report-comment', 1, 5);

/* Return bool */

Add attempt for given $identity with ·$action on given $minutes. 'ip' by default is the real user ip.

Laraflood::addAttempt( $identity = 'ip', $action = 'default', $seconds = 300 );
Laraflood::addAttempt();
Laraflood::addAttempt('ip', 'like-post');
Laraflood::addAttempt( $user->id ,'default', 5 );

/* Void */

Get time left for given identity & action.


Laraflood::secondsLeft( $identity = 'ip', $action = 'default');
Laraflood::secondsLeft();
Laraflood::secondsLeft( 'ip', 'like-post');

/* Return string */
	# X hours
	# X minutes
	# X seconds



Returns array for given identity & action


Laraflood::get($identity = 'ip', $action = 'default')
Laraflood::get();
Laraflood::get( 'ip', 'like-post');

/*
array:3 [▼
  "action" => "default"
  "attempts" => 1
  "expiration" => "2019-09-18 19:51:01.175237"
]
*/

Examples:

Limiting wrong login attempts for given IP address:

This example limiting wrong login attempts from one ip-address to 5 tryes per 20 minutes:

public function postLogin()
{
	
/**
* If thes user ip has >= 5 failed login attempts in last 5 minutes, redirect user
* back with error:
*/

	if( Laraflood::check( 'ip' , 'login', 5, 5 ) === FALSE )
		return redirect()->back()->withErrors(["AntiFlood Protection! Try again in ".Laraflood::secondsLeft('ip','login')." ."]);
	
	/**
	* Your code here..
	*/

}

Increment post views .

This code shows how increment post views only 1 view every 24 hours..

public function incrementPostViews()
{
		$action = "post-visit:" . $post->id; // Post unique ID
		$visitsPerUser = 1;
		$minutes = 1440; // 24Hours
        if(Laraflood::checkOnly('ip', $action, $visitsPerUser)){
			/**
			* Increment post views
			* Your code here..
			*/
			Laraflood::addAttempt('ip', $action, $minutes);
        }

}

cdonut/laraflood 适用场景与选型建议

cdonut/laraflood 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 161 次下载、GitHub Stars 达 0, 最近一次更新时间为 2020 年 08 月 11 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「security」 「spam」 「laravel」 「antispam」 「flood」 「antiflood」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 cdonut/laraflood 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 cdonut/laraflood 我们能提供哪些服务?
定制开发 / 二次开发

基于 cdonut/laraflood 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 161
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2020-08-11