improved too many emails for firewall

akaunting · Aug 2, 2023 · 8b305a9 · 8b305a9
1 parent 09ee5a6
commit 8b305a9
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 40 deletions.
diff --git a/app/Listeners/Email/TellFirewallTooManyEmailsSent.php b/app/Listeners/Email/TellFirewallTooManyEmailsSent.php
@@ -5,7 +5,6 @@
 use Akaunting\Firewall\Events\AttackDetected;
 use Akaunting\Firewall\Traits\Helper;
 use App\Events\Email\TooManyEmailsSent as Event;
-use Illuminate\Support\Facades\Config;
 
 class TellFirewallTooManyEmailsSent
 {
@@ -17,9 +16,7 @@ public function handle(Event $event): void
         $this->middleware = 'too_many_emails_sent';
         $this->user_id = $event->user_id;
 
-        $this->loadConfig();
-
-        if ($this->skip($event)) {
+        if ($this->skip()) {
             return;
         }
 
@@ -28,40 +25,7 @@ public function handle(Event $event): void
         event(new AttackDetected($log));
     }
 
-    public function loadConfig(): void
-    {
-        if (! empty(Config::get('firewall.middleware.' . $this->middleware))) {
-            return;
-        }
-
-        $config = array_merge_recursive(
-            Config::get('firewall'),
-            [
-                'middleware' => [
-                    $this->middleware => [
-                        'enabled' => env('FIREWALL_MIDDLEWARE_' . strtoupper($this->middleware) . '_ENABLED', Config::get('firewall.enabled', true)),
-
-                        'methods' => ['post'],
-
-                        'routes' => [
-                            'only' => [], // i.e. 'contact'
-                            'except' => [], // i.e. 'admin/*'
-                        ],
-
-                        'auto_block' => [
-                            'attempts' => env('FIREWALL_MIDDLEWARE_' . strtoupper($this->middleware) . '_AUTO_BLOCK_ATTEMPTS', 20),
-                            'frequency' => 1 * 60, // 1 minute
-                            'period' => 30 * 60, // 30 minutes
-                        ],
-                    ],
-                ],
-            ]
-        );
-
-        Config::set('firewall', $config);
-    }
-
-    public function skip($event): bool
+    public function skip(): bool
     {
         if ($this->isDisabled()) {
             return true;

diff --git a/config/firewall.php b/config/firewall.php
@@ -436,6 +436,24 @@
             ],
         ],
 
+        // Custom middleware
+        'too_many_emails_sent' => [
+            'enabled' => env('FIREWALL_MIDDLEWARE_TOO_MANY_EMAILS_SENT_ENABLED', env('FIREWALL_ENABLED', true)),
+
+            'methods' => ['post'],
+
+            'routes' => [
+                'only' => [], // i.e. 'contact'
+                'except' => [], // i.e. 'admin/*'
+            ],
+
+            'auto_block' => [
+                'attempts' => env('FIREWALL_MIDDLEWARE_TOO_MANY_EMAILS_SENT_AUTO_BLOCK_ATTEMPTS', 20),
+                'frequency' => 1 * 60, // 1 minute
+                'period' => 30 * 60, // 30 minutes
+            ],
+        ],
+
     ],
 
 ];
diff --git a/tests/Feature/Email/TooManyEmailsSentTest.php b/tests/Feature/Email/TooManyEmailsSentTest.php
@@ -11,7 +11,7 @@ public function testItShouldNotBlockIpDueToTooManyEmailsSent()
     {
         $this->loginAs();
 
-        config(['firewall.enabled' => true]);
+        config(['firewall.middleware.too_many_emails_sent.enabled' => true]);
 
         for ($i = 0; $i < 19; $i++) {
             event(new TooManyEmailsSent(user_id()));
@@ -31,7 +31,7 @@ public function testItShouldBlockIpDueToTooManyEmailsSent()
     {
         $this->loginAs();
 
-        config(['firewall.enabled' => true]);
+        config(['firewall.middleware.too_many_emails_sent.enabled' => true]);
 
         for ($i = 0; $i < 20; $i++) {
             event(new TooManyEmailsSent(user_id()));