
codeigniter4 / shield / 14163805301

31 Mar 2025 04:02AM UTC coverage: 92.761% (+0.002%) from 92.759%
14163805301

Pull #1263

github

web-flow
Merge d74c09931 into 568a1308b
Pull Request #1263: refactor: Ensure `findById` returns `null` instead of an array when ID is null

2 of 2 new or added lines in 1 file covered. (100.0%)

2832 of 3053 relevant lines covered (92.76%)

149.74 hits per line

Source File

22.22
/src/Filters/AuthRates.php
<?php

declare(strict_types=1);

/**
 * This file is part of CodeIgniter Shield.
 *
 * (c) CodeIgniter Foundation <admin@codeigniter.com>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace CodeIgniter\Shield\Filters;

use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\IncomingRequest;
use CodeIgniter\HTTP\RedirectResponse;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;

/**
 * Auth Rate-Limiting Filter.
 *
 * Provides rate limiting intended for Auth routes.
 */
class AuthRates implements FilterInterface
{
    /**
     * Intended for use on auth form pages to restrict the number
     * of attempts that can be generated. Restricts it to 10 attempts
     * per minute, which is what auth0 uses.
     *
     * The limit is tracked per client IP address only, and a single bucket
     * per address is used for every route this filter is attached to.
     * It does not by itself bound attempts against one account made from
     * many addresses; per-account controls have to come from elsewhere.
     *
     * @see https://auth0.com/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy/database-connections-rate-limits
     *
     * @param array|null $arguments
     *
     * @return ResponseInterface|void The response with status 429 set when the
     *                                limit is exceeded; nothing otherwise.
     */
    public function before(RequestInterface $request, $arguments = null)
    {
        // Anything that is not an IncomingRequest passes through unthrottled.
        if (! ($request instanceof IncomingRequest)) {
            return;
        }

        $throttler = service('throttler');

        // md5() only turns the address into a fixed-format bucket name for the
        // throttler; it is not used as a security control here.
        // NOTE(review): the key is whatever getIPAddress() reports. Behind a
        // reverse proxy or load balancer, confirm the application's
        // trusted-proxy configuration, otherwise all clients may land in one
        // bucket or the address may come from a client-supplied header.
        $bucket = md5($request->getIPAddress());

        // No more than 10 requests per minute, each request costing 1 token,
        // on any auth-form pages (login, register, forgot, etc).
        $withinLimit = $throttler->check($bucket, 10, MINUTE, 1);

        if ($withinLimit !== false) {
            return;
        }

        // Only the status code and its reason phrase (the localized
        // "throttled" message with the wait time) are set; no body or
        // Retry-After header is added at this point.
        $response = service('response');

        return $response->setStatusCode(429, lang('Auth.throttled', [$throttler->getTokenTime()]));
    }

    /**
     * Post-controller hook; this filter does no work after the request.
     *
     * @param array|null $arguments
     */
    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
    {
        // Intentionally empty.
    }
}