From 487fbe0427de5f607f7f99856dbfc43e4dad3cd7 Mon Sep 17 00:00:00 2001
From: 1day2die
Date: Wed, 22 May 2024 11:25:39 +0200
Subject: [PATCH] Should fix ticket 429 too many requests
---
 .gitignore | 3 +++
 app/Http/Controllers/TicketsController.php | 11 ++++++++++-
 routes/web.php | 4 ++--
 3 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/.gitignore b/.gitignore
index f72249a8..0d6b6034 100644
--- a/.gitignore
+++ b/.gitignore
@@ -32,3 +32,6 @@ Homestead.yaml
 public/install/logs.txt
 install.lock
 public/install/logs/installer.log
+
+/.idea
+cpggdatabase.sql
diff --git a/app/Http/Controllers/TicketsController.php b/app/Http/Controllers/TicketsController.php
index de59bf88..d55516fc 100644
--- a/app/Http/Controllers/TicketsController.php
+++ b/app/Http/Controllers/TicketsController.php
@@ -17,6 +17,7 @@ use App\Settings\TicketSettings;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Notification;
+use Illuminate\Support\Facades\RateLimiter;
 use Illuminate\Support\Str;
 class TicketsController extends Controller
@@ -35,6 +36,9 @@ class TicketsController extends Controller
 public function store(Request $request, TicketSettings $ticket_settings)
 {
+ if (RateLimiter::tooManyAttempts('ticket-send:'.Auth::user()->id, $perMinute = 1)) {
+ return redirect()->back()->with('error', __('Please wait before creating a new Ticket'));
+ }
 $this->validate(
 $request,
 [
@@ -67,6 +71,7 @@ class TicketsController extends Controller
 $user->notify(new CreateNotification($ticket));
+ RateLimiter::hit('ticket-send:'.Auth::user()->id);
 return redirect()->route('ticket.index')->with('success', __('A ticket has been opened, ID: #') . $ticket->ticket_id);
 }
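Review bot: The guard added at the top of `store()` (hunk @@ -35,6 +36,9 @@) only reads the counter; the matching `RateLimiter::hit(...)` is not recorded until hunk @@ -67,6 +71,7 @@, after `$user->notify(new CreateNotification($ticket))` has already run. Requests that arrive in parallel can therefore all pass `tooManyAttempts()` before any hit exists, and an exception thrown while notifying leaves the request uncounted. Because the same commit drops `throttle:ticket-new` and `throttle:ticket-reply` from routes/web.php, this in-controller check is the only limit left on ticket creation and the notifications it sends. Record the attempt as soon as validation has passed and act on the returned count, e.g. `if (RateLimiter::hit('ticket-send:'.Auth::user()->id) > 1) { return redirect()->back()->with('error', __('Please wait before creating a new Ticket')); }`. The same check-early/hit-late gap is in `reply()` (hunks @@ -89,6 +94,9 @@ and @@ -115,7 +124,7 @@), and the body of `store()` continues outside this hunk.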
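Review bot: `RateLimiter::hit('ticket-send:'.Auth::user()->id)` in hunk @@ -67,6 +71,7 @@ re-types the key literal that the guard at the top of `store()` already spells out, so a typo in either copy would silently disable the limit. The one-minute window also exists only because `hit()` is called without a decay argument, which is what makes the guard's inline `$perMinute = 1` assignment read correctly. Build the key once with `$key = 'ticket-send:'.Auth::user()->id;`, pass the limit as a plain `1` or a named constant rather than an assignment inside the argument list, and state the window explicitly as `RateLimiter::hit($key, 60);`. The `ticket-reply:` pair in `reply()` has the same shape.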
@@ -89,6 +94,9 @@ class TicketsController extends Controller
 public function reply(Request $request)
 {
+ if (RateLimiter::tooManyAttempts('ticket-reply:'.Auth::user()->id, $perMinute = 1)) {
+ return redirect()->back()->with('error', __('Please wait before answering a Ticket'));
+ }
 //check in blacklist
 $check = TicketBlacklist::where('user_id', Auth::user()->id)->first();
 if ($check && $check->status == 'True') {
@@ -101,6 +109,7 @@ class TicketsController extends Controller
 return redirect()->back()->with('warning', __('Ticket not found on the server. It potentially got deleted earlier'));
 }
 $ticket->status = 'Client Reply';
+ $ticket->updated_at = now();
 $ticket->update();
 $ticketcomment = TicketComment::create([
 'ticket_id' => $request->input('ticket_id'),
@@ -115,7 +124,7 @@ class TicketsController extends Controller
 foreach($staffNotify as $staff){
 Notification::send($staff, new AdminReplyNotification($ticket, $user, $newmessage));
 }
-
+ RateLimiter::hit('ticket-reply:'.Auth::user()->id);
 return redirect()->back()->with('success', __('Your comment has been submitted'));
 }
diff --git a/routes/web.php b/routes/web.php
index c575ea98..f5078e3c 100644
--- a/routes/web.php
+++ b/routes/web.php
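Review bot: `$ticket->updated_at = now();` in hunk @@ -101,6 +109,7 @@ needs a comment saying why the timestamp is set by hand, since Eloquent normally maintains it when a changed model is saved. Presumably it is there so that a reply to a ticket whose status is already 'Client Reply' still moves the ticket's last-activity time, because an unchanged model is not written, but the hunk does not say so. Suggested comment: `// bump updated_at explicitly: status may already be 'Client Reply', in which case nothing else is dirty`. The body of `reply()` starts and ends outside this hunk.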
@@ -119,9 +119,9 @@ Route::middleware(['auth', 'checkSuspended'])->group(function () {
 Route::get('ticket', [TicketsController::class, 'index'])->name('ticket.index');
 Route::get('ticket/datatable', [TicketsController::class, 'datatable'])->name('ticket.datatable');
 Route::get('ticket/new', [TicketsController::class, 'create'])->name('ticket.new');
- Route::post('ticket/new', [TicketsController::class, 'store'])->middleware(['throttle:ticket-new'])->name('ticket.new.store');
+ Route::post('ticket/new', [TicketsController::class, 'store'])->name('ticket.new.store');
 Route::get('ticket/show/{ticket_id}', [TicketsController::class, 'show'])->name('ticket.show');
- Route::post('ticket/reply', [TicketsController::class, 'reply'])->middleware(['throttle:ticket-reply'])->name('ticket.reply');
+ Route::post('ticket/reply', [TicketsController::class, 'reply'])->name('ticket.reply');
 Route::post('ticket/status/{ticket_id}', [TicketsController::class, 'changeStatus'])->name('ticket.changeStatus');