forked from phacility/phabricator
-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathPhabricatorClientRateLimit.php
66 lines (51 loc) · 1.63 KB
/
PhabricatorClientRateLimit.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
final class PhabricatorClientRateLimit
extends PhabricatorClientLimit {
protected function getBucketDuration() {
return 60;
}
protected function getBucketCount() {
return 5;
}
protected function shouldRejectConnection($score) {
$limit = $this->getLimit();
// Reject connections if the average score across all buckets exceeds the
// limit.
$average_score = $score / $this->getBucketCount();
return ($average_score > $limit);
}
protected function getConnectScore() {
return 0;
}
protected function getPenaltyScore() {
return 1;
}
protected function getDisconnectScore(array $request_state) {
$score = 1;
// If the user was logged in, let them make more requests.
if (isset($request_state['viewer'])) {
$viewer = $request_state['viewer'];
if ($viewer->isOmnipotent()) {
// If the viewer was omnipotent, this was an intracluster request or
// some other kind of special request, so don't give it any points
// toward rate limiting.
$score = 0;
} else if ($viewer->isLoggedIn()) {
// If the viewer was logged in, give them fewer points than if they
// were logged out, since this traffic is much more likely to be
// legitimate.
$score = 0.25;
}
}
return $score;
}
protected function getRateLimitReason($score) {
$client_key = $this->getClientKey();
// NOTE: This happens before we load libraries, so we can not use pht()
// here.
return
"TOO MANY REQUESTS\n".
"You (\"{$client_key}\") are issuing too many requests ".
"too quickly.\n";
}
}