refactor(pages): replace superglobals with request/session abstractions
This commit is contained in:
@@ -2,11 +2,14 @@
|
||||
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\RequestRuntimeInterface;
|
||||
use MintyPHP\Service\Auth\ApiTokenEndpointService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Security\SecurityServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
$requestRuntime = app(RequestRuntimeInterface::class);
|
||||
|
||||
ApiBootstrap::init(false);
|
||||
ApiResponse::requireMethod('POST');
|
||||
|
||||
@@ -16,7 +19,7 @@ $apiTokenEndpointService = app(ApiTokenEndpointService::class);
|
||||
|
||||
// ---- Login-specific rate limits (stricter than the general API rate limit in ApiBootstrap) ----
|
||||
$rateLimiter = (app(SecurityServicesFactory::class))->createRateLimiterService();
|
||||
$ip = $_SERVER['REMOTE_ADDR'] ?? '';
|
||||
$ip = $requestRuntime->ip();
|
||||
|
||||
$ipResult = $rateLimiter->isBlocked('api.auth.login.ip', $ip);
|
||||
if (!($ipResult['allowed'] ?? true)) {
|
||||
|
||||
Reference in New Issue
Block a user