From 3fc07183aac8bcad09bff0d4e6eda07f10fbc751 Mon Sep 17 00:00:00 2001
From: filesite
Date: Sat, 27 Apr 2024 14:15:51 +0000
Subject: [PATCH] add frequence limit for apis
---
 .../tajian/controller/FrontapiController.php | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
diff --git a/themes/tajian/controller/FrontapiController.php b/themes/tajian/controller/FrontapiController.php
index b3a30eb..d0feec3 100644
--- a/themes/tajian/controller/FrontapiController.php
+++ b/themes/tajian/controller/FrontapiController.php
@@ -47,6 +47,17 @@ Class FrontApiController extends SiteController {
 * 其中title、tag和tagid为可选值。
 */
 public function actionAddfav() {
+ $ip = $this->getUserIp();
+ $check_time = 60; //1 分钟内
+ $max_time_in_minutes = 10; //最多 10 次
+
+ $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ if ($isUserGotRequestLimit) {
+ $this->logError("Request limit got, ip: {$ip}");
+ throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
+ }
+
+
 $content = $this->post('content', '');
 $title = $this->post('title', '');
 $tag = $this->post('tag', '');
@@ -407,6 +418,16 @@ eof;
 //获取短信验证码
 public function actionSendsmscode() {
+ $ip = $this->getUserIp();
+ $check_time = 300; //5 分钟内
+ $max_time_in_minutes = 3; //最多 3 次
+
+ $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ if ($isUserGotRequestLimit) {
+ $this->logError("Request limit got, ip: {$ip}");
+ throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
+ }
+
 echo "Building...";
 exit;
 }
@@ -429,6 +450,16 @@ eof;
 //用户登录
 public function actionLoginuser() {
+ $ip = $this->getUserIp();
+ $check_time = 120; //2 分钟内
+ $max_time_in_minutes = 5; //最多 5 次
+
+ $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ if ($isUserGotRequestLimit) {
+ $this->logError("Request limit got, ip: {$ip}");
+ throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
+ }
+
 echo "Building...";
 exit;
 }
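Review bot: The limiter in actionAddfav is keyed only on `$this->getUserIp()`, and that helper is not part of this diff; if it takes the address from a client-supplied header such as X-Forwarded-For without checking that the request came through a trusted proxy, the limit can be sidestepped by changing the header on each request. The same key is used in the actionSendsmscode and actionLoginuser hunks. `requestLimit()` also receives nothing that names the action, so it is worth confirming that the three windows do not share one per-IP counter. The ten-line block is repeated verbatim three times and `$max_time_in_minutes` actually holds a request count; a small private helper and a name like `$max_requests` would keep the thresholds readable. actionAddfav's body continues past the hunk.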
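Review bot: A per-IP cap alone does not protect the SMS endpoint in actionSendsmscode, because the cost and the nuisance fall on the destination phone number, which this check never looks at. The action is still a stub (`echo "Building...";`), so when the send logic is added the same limiter should also be applied per phone number, ideally with a daily ceiling as well. A placeholder comment such as `// TODO: also rate-limit per target phone number before sending` above the stub would keep that from being forgotten.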
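Review bot: The throttle in actionLoginuser counts every request from an address rather than failed attempts against an account, so it neither bounds guessing that is spread across many addresses nor spares legitimate users who share one NAT address. Once the login logic replaces the stub, a failed-attempt counter keyed on the submitted username would cover that, e.g. `$this->requestLimit("login:{$username}", $max_time_in_minutes, $check_time)` if `requestLimit()` accepts an arbitrary key; its signature is not visible here. Throwing a bare `Exception` also gives API clients no way to tell throttling from other failures; an HTTP 429 status would, if the framework's error handler allows setting one.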