gitee/course-tencent-cloud
1
0
Fork 0
mirror of https://gitee.com/koogua/course-tencent-cloud.git synced 2025-06-22 03:32:47 +08:00
Code Issues Releases Wiki Activity
course-tencent-cloud/app/Validators/Security.php
xiaochong0302 ac352683dd 删除api验证,app应用管理
2020-11-23 21:10:41 +08:00

49 lines
1.1 KiB
PHP
Raw Blame History

<?php
namespace App\Validators;
use App\Exceptions\BadRequest as BadRequestException;
use App\Exceptions\ServiceUnavailable as ServiceUnavailableException;
use App\Library\CsrfToken as CsrfTokenService;
use App\Services\Throttle as ThrottleService;
class Security extends Validator
{
public function checkCsrfToken()
{
$token = $this->request->getHeader('X-Csrf-Token');
$service = new CsrfTokenService();
$result = $service->checkToken($token);
if (!$result) {
throw new BadRequestException('security.invalid_csrf_token');
}
}
public function checkHttpReferer()
{
$httpHost = parse_url($this->request->getHttpReferer(), PHP_URL_HOST);
$result = $httpHost == $this->request->getHttpHost();
if (!$result) {
throw new BadRequestException('security.invalid_http_referer');
}
}
public function checkRateLimit()
{
$service = new ThrottleService();
$result = $service->checkRateLimit();
if (!$result) {
throw new ServiceUnavailableException('security.too_many_requests');
}
}
}
Reference in New Issue View Git Blame Copy Permalink