app/GraphQL/EventSubscriber/UniversalApiThrottlingSubscriber.php line 29

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Sq\GraphQL\EventSubscriber;
  5. use Sq\Entity\Schema\ORM as Entity;
  6. use Sq\GraphQL\Exception\SqGraphQLException;
  7. use Sq\GraphQL\Security\RateLimiter\UniversalApiAnonymousThrottling;
  8. use Sq\GraphQL\Security\RateLimiter\UniversalApiUserThrottling;
  9. use Sq\Service\Environment;
  10. use Sq\Service\Log\ExceptionLogger;
  11. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  12. use Symfony\Component\HttpFoundation\JsonResponse;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  15. use Symfony\Component\HttpKernel\KernelEvents;
  16. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  18. class UniversalApiThrottlingSubscriber implements EventSubscriberInterface
  19. {
  20.     public function __construct(
  21.         protected UniversalApiUserThrottling $userThrottling,
  22.         protected UniversalApiAnonymousThrottling $anonymousThrottling,
  23.         protected TokenStorageInterface $tokenStorage,
  24.         protected Environment $env,
  25.         protected ExceptionLogger $exceptionLogger
  26.     ) {
  27.     }
  29.     public function onController(ControllerEvent $event): void
  30.     {
  31.         $request $event->getRequest();
  32.         if (!$this->isProd() || !is_graphql_request($request))
  33.         {
  34.             return;
  35.         }
  36.         try
  37.         {
  38.             $loggedInUser $this->getLoggedInUser();
  39.             if ($loggedInUser === null)
  40.             {
  41.                 $this->anonymousThrottling->ifThrottledThrowError($request->getClientIp());
  42.             }
  43.             else
  44.             {
  45.                 $this->userThrottling->ifThrottledThrowError((string) $loggedInUser->getId());
  46.             }
  47.         }
  48.         catch (SqGraphQLException $e)
  49.         {
  50.             $this->exceptionLogger->logGqlException($e$this->getLoggedInUser());
  51.             $waitInSeconds $e->getExtensions()['wait'] ?? null;
  52.             $result = new \GraphQL\Executor\ExecutionResult(null, [
  53.                 new \GraphQL\Error\Error(SqGraphQLException::httpRateLimited()->getMessage(), nullnull, [], nullnullis_int($waitInSeconds) ? ['wait' => $waitInSeconds] : []),
  54.             ]);
  55.             $response = new JsonResponse($result->toArray(), 429is_int($waitInSeconds) ? ['Retry-After' => $waitInSeconds] : []);
  56.             $event->setController(fn (): Response => $response);
  57.         }
  58.     }
  60.     protected function getLoggedInUser(): ?Entity\User
  61.     {
  62.         $user $this->tokenStorage->getToken() ? $this->tokenStorage->getToken()->getUser() : null;
  63.         return $user instanceof Entity\User $user null;
  64.     }
  66.     protected function isProd(): bool
  67.     {
  68.         return $this->env->isProd();
  69.     }
  71.     /** @inheritDoc */
  72.     public static function getSubscribedEvents()
  73.     {
  74.         return [
  75.             KernelEvents::CONTROLLER => ['onController', -64],
  76.         ];
  77.     }
  78. }