
codeigniter4 / shield / 13173436689

06 Feb 2025 06:54AM UTC coverage: 92.833%. First build
13173436689

Pull #1243

github

web-flow
Merge 0ec620e68 into 492365d93
Pull Request #1243: chore: update dependencies to support PHP 8.1 - 8.4

83 of 96 new or added lines in 23 files covered. (86.46%)

2785 of 3000 relevant lines covered (92.83%)

147.04 hits per line


22.22
/src/Filters/AuthRates.php
<?php

declare(strict_types=1);

/**
 * This file is part of CodeIgniter Shield.
 *
 * (c) CodeIgniter Foundation <admin@codeigniter.com>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace CodeIgniter\Shield\Filters;

use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\IncomingRequest;
use CodeIgniter\HTTP\RedirectResponse;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;

/**
 * Auth Rate-Limiting Filter.
 *
 * Provides rate limiting intended for Auth routes.
 */
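class AuthRates implements FilterInterface
{
    /**
     * Intended for use on auth form pages to restrict the number
     * of attempts that can be generated. Restricts it to 10 attempts
     * per minute, which is what auth0 uses.
     *
     * Scope of the control:
     *  - The bucket is keyed on the client IP only, so it bounds attempts per
     *    address, not per account. Guessing spread over many addresses is not
     *    limited here and needs a separate per-account control.
     *  - The key comes from $request->getIPAddress(). NOTE(review): behind a
     *    reverse proxy or load balancer the returned address depends on the
     *    application's trusted-proxy configuration - confirm it is set, or
     *    every client may land in one bucket or the address may be
     *    client-influenced.
     *
     * @see https://auth0.com/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy/database-connections-rate-limits
     *
     * @param array|null $arguments Not used by this filter.
     *
     * @return RedirectResponse|ResponseInterface|void A 429 response when the
     *                                                 limit is exceeded, nothing otherwise.
     */
    public function before(RequestInterface $request, $arguments = null)
    {
        // Anything that is not an IncomingRequest is let through untouched.
        if (! $request instanceof IncomingRequest) {
            return;
        }

        $throttler = service('throttler');

        // md5() here only turns the address into a fixed-length key (presumably
        // because raw IPs contain characters the cache backend rejects); it is
        // not a security control. NOTE(review): the key is the bare IP hash, so
        // any other throttler caller hashing the same address shares this bucket.
        $bucket = md5($request->getIPAddress());

        // Restrict an IP address to no more than 10 requests
        // per minute on any auth-form pages (login, register, forgot, etc).
        if ($throttler->check($bucket, 10, MINUTE, 1) !== false) {
            return;
        }

        $retryAfter = $throttler->getTokenTime();

        // The translated text is passed as the second argument of
        // setStatusCode(). NOTE(review): that looks like the HTTP reason phrase
        // rather than the body - confirm, since clients may never see it.
        // Retry-After gives well-behaved clients a machine-readable backoff
        // hint regardless.
        return service('response')
            ->setStatusCode(429, lang('Auth.throttled', [$retryAfter]))
            ->setHeader('Retry-After', (string) $retryAfter);
    }

    /**
     * We don't have anything to do here.
     *
     * @param array|null $arguments Not used by this filter.
     */
    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
    {
        // Nothing required
    }
}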