gitee/course-tencent-cloud
1
0
Fork 0
mirror of https://gitee.com/koogua/course-tencent-cloud.git synced 2025-06-24 20:06:09 +08:00
Code Issues Releases Wiki Activity
course-tencent-cloud/app/Validators/Security.php
xiaochong0302 5384cb8c87 优化
2020-05-06 20:14:50 +08:00

47 lines
1.1 KiB
PHP
Raw Blame History

<?php
namespace App\Validators;
use App\Exceptions\BadRequest as BadRequestException;
use App\Exceptions\ServiceUnavailable as ServiceUnavailableException;
use App\Services\Throttle as ThrottleService;
class Security extends Validator
{
public function checkCsrfToken()
{
$tokenKey = $this->request->getHeader('X-Csrf-Token-Key');
$tokenValue = $this->request->getHeader('X-Csrf-Token-Value');
$result = $this->security->checkToken($tokenKey, $tokenValue);
if (!$result) {
throw new BadRequestException('security.invalid_csrf_token');
}
}
public function checkHttpReferer()
{
$httpHost = parse_url($this->request->getHttpReferer(), PHP_URL_HOST);
$result = $httpHost == $this->request->getHttpHost();
if (!$result) {
throw new BadRequestException('security.invalid_http_referer');
}
}
public function checkRateLimit()
{
$service = new ThrottleService();
$result = $service->checkRateLimit();
if (!$result) {
throw new ServiceUnavailableException('security.too_many_requests');
}
}
}
Reference in New Issue View Git Blame Copy Permalink