A framework independent, flexible and highly extensible rate limiter for PHP.
It is best installed it through packagist
by including sunspikes/php-ratelimiter
in your project composer.json require:
"require": {
"sunspikes/php-ratelimiter": "dev-master"
}
You can also download it from [Github] (https://github.com/sunspikes/php-ratelimiter), but no autoloader is provided so you'll need to register it with your own PSR-4 compatible autoloader.
// 1. Make a rate limiter with limit 3 attempts in 10 minutes
$cacheAdapter = new DesarrollaCacheAdapter((new DesarrollaCacheFactory())->make());
$ratelimiter = new RateLimiter(new ThrottlerFactory(), new HydratorFactory(), $cacheAdapter, 3, 600);
// 2. Get a throttler for path /login
$loginThrottler = $ratelimiter->get('/login');
// 3. Register a hit
$loginThrottler->hit()
// 4. Check if it reached the limit
if ($loginThrottler->check()) {
// access permitted
} else {
// access denied
}
// Or combine the steps 3 & 4
if ($loginThrottler->access()) {
// access permitted
} else {
// access denied
}
// To get the number of hits
print $loginThrottler->count(); // or count($throttler)
By default PHP Ratelimiter uses the desarolla2 cache adapter, the sample configuration provided in config/config.php
You can configure the drivers in config.php
, for example to use memcache change the driver to 'memcache'
return [
'default_ttl' => 3600,
'driver' => 'memcache',
'memcache' => [
//....
],
];
The PHP Ratelimiter is highly extensible, you can have custom adapters by implementing Sunspikes\Ratelimit\Cache\Adapter\CacheAdapterInterface
For example to use Doctrine cache adapter
class DoctrineCacheAdapter implements CacheAdapterInterface
{
public function __construct($cache)
{
$this->cache = $cache;
}
// Implement the methods
}
// Build adapter using APC cache driver
$adapter = new DoctrineCacheAdapter(new \Doctrine\Common\Cache\ApcCache());
Also you can have custom hydrators by implementing Sunspikes\Ratelimit\Throttle\Hydrator\DataHydratorInterface
For example to use a Symfony Request object instead of custom URL for ratelimiting
class RequestHydrator implements DataHydratorInterface
{
public function hydrate($data, $limit, $ttl)
{
// Make the key string
$key = $data->getClientIp() . $data->getPathInfo();
return new Data($key, $limit, $ttl);
}
}
// Hydrate the request to Data object
$hydrator = new RequestHydrator();
Then decorate or extend the HydratorFactory to recognize your data
use Hydrator\FactoryInterface;
class MyHydratorFactory implements FactoryInterface
{
private $defaultFactory;
public function __construct(FactoryInterface $defaultFactory)
{
$this->defaultFactory = $defaultFactory;
}
public function make($data)
{
if ($data instanceof Request) {
return new RequestHydrator();
}
return $this->defaultFactory->make($data);
}
}
Krishnaprasad MG [@sunspikes]
Please feel free to send pull requests.
This is an open-sourced software licensed under the MIT license.