From 489a9c46032778568ea2ee4ecdda32fb40be9065 Mon Sep 17 00:00:00 2001
From: Christian Flothmann <christian.flothmann@open.de>
Date: Sun, 6 Jul 2025 14:38:02 +0200
Subject: [PATCH] configuration for the storage service for the login
 throttling rate limiter

---
 .../Security/Factory/LoginThrottlingFactory.php            | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/LoginThrottlingFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/LoginThrottlingFactory.php
index fa1a9901a67ea..b782e2012dd44 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/LoginThrottlingFactory.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/LoginThrottlingFactory.php
@@ -55,6 +55,8 @@ public function addConfiguration(NodeDefinition $builder): void
                 ->integerNode('max_attempts')->defaultValue(5)->end()
                 ->scalarNode('interval')->defaultValue('1 minute')->end()
                 ->scalarNode('lock_factory')->info('The service ID of the lock factory used by the login rate limiter (or null to disable locking).')->defaultNull()->end()
+                ->scalarNode('cache_pool')->info('The cache pool to use for storing the limiter state')->defaultValue('cache.rate_limiter')->end()
+                ->scalarNode('storage_service')->info('The service ID of a custom storage implementation, this precedes any configured "cache_pool"')->defaultNull()->end()
             ->end();
     }
 
@@ -70,6 +72,8 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
                 'limit' => $config['max_attempts'],
                 'interval' => $config['interval'],
                 'lock_factory' => $config['lock_factory'],
+                'cache_pool' => $config['cache_pool'],
+                'storage_service' => $config['storage_service'],
             ];
             $this->registerRateLimiter($container, $localId = '_login_local_'.$firewallName, $limiterOptions);
 
@@ -93,9 +97,6 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
 
     private function registerRateLimiter(ContainerBuilder $container, string $name, array $limiterConfig): void
     {
-        // default configuration (when used by other DI extensions)
-        $limiterConfig += ['lock_factory' => 'lock.factory', 'cache_pool' => 'cache.rate_limiter'];
-
         $limiter = $container->setDefinition($limiterId = 'limiter.'.$name, new ChildDefinition('limiter'));
 
         if (null !== $limiterConfig['lock_factory']) {