add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace MintyPHP\Repository\Security;
|
|
|
|
|
|
|
|
|
|
use MintyPHP\DB;
|
|
|
|
|
|
2026-03-13 21:58:51 +01:00
|
|
|
/** Persists rate limit counters with hit tracking, window expiry, and block duration. */
|
2026-03-05 08:26:51 +01:00
|
|
|
class RateLimitRepository implements RateLimitRepositoryInterface
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
{
|
2026-02-23 12:58:19 +01:00
|
|
|
public function findByScopeAndHash(string $scope, string $subjectHash): ?array
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
{
|
|
|
|
|
$row = DB::selectOne(
|
|
|
|
|
'select id, scope, subject_hash, hits, window_started_at, blocked_until, created, modified from request_rate_limits where scope = ? and subject_hash = ? limit 1',
|
|
|
|
|
$scope,
|
|
|
|
|
$subjectHash
|
|
|
|
|
);
|
|
|
|
|
if (!$row || !isset($row['request_rate_limits']) || !is_array($row['request_rate_limits'])) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
return $row['request_rate_limits'];
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-23 12:58:19 +01:00
|
|
|
public function create(
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
string $scope,
|
|
|
|
|
string $subjectHash,
|
|
|
|
|
int $hits,
|
|
|
|
|
string $windowStartedAt,
|
|
|
|
|
?string $blockedUntil
|
|
|
|
|
): bool {
|
|
|
|
|
$result = DB::insert(
|
|
|
|
|
'insert into request_rate_limits (scope, subject_hash, hits, window_started_at, blocked_until, created) values (?,?,?,?,?,NOW())',
|
|
|
|
|
$scope,
|
|
|
|
|
$subjectHash,
|
|
|
|
|
(string) max(0, $hits),
|
|
|
|
|
$windowStartedAt,
|
|
|
|
|
$blockedUntil
|
|
|
|
|
);
|
|
|
|
|
return $result !== false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-23 12:58:19 +01:00
|
|
|
public function updateStateById(
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
int $id,
|
|
|
|
|
int $hits,
|
|
|
|
|
string $windowStartedAt,
|
|
|
|
|
?string $blockedUntil
|
|
|
|
|
): bool {
|
|
|
|
|
if ($id <= 0) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$result = DB::update(
|
|
|
|
|
'update request_rate_limits set hits = ?, window_started_at = ?, blocked_until = ? where id = ?',
|
|
|
|
|
(string) max(0, $hits),
|
|
|
|
|
$windowStartedAt,
|
|
|
|
|
$blockedUntil,
|
|
|
|
|
(string) $id
|
|
|
|
|
);
|
|
|
|
|
return $result !== false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-23 12:58:19 +01:00
|
|
|
public function deleteByScopeAndHash(string $scope, string $subjectHash): bool
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
{
|
|
|
|
|
$result = DB::delete(
|
|
|
|
|
'delete from request_rate_limits where scope = ? and subject_hash = ?',
|
|
|
|
|
$scope,
|
|
|
|
|
$subjectHash
|
|
|
|
|
);
|
|
|
|
|
return $result !== false;
|
|
|
|
|
}
|
|
|
|
|
}
|