feat: add Retry-After header if needed

maelgangloff · Aug 5, 2024 · 686d39d · 686d39d
1 parent 4e6649f
commit 686d39d
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 10 deletions.
diff --git a/src/Controller/DomainRefreshController.php b/src/Controller/DomainRefreshController.php
@@ -64,12 +64,13 @@ public function __invoke(string $ldhName, KernelInterface $kernel): ?Domain
 
         if (false === $kernel->isDebug() && true === $this->getParameter('limited_features')) {
             $limiter = $this->rdapRequestsLimiter->create($userId);
+            $limit = $limiter->consume();
 
-            if (false === $limiter->consume()->isAccepted()) {
+            if (false === $limit->isAccepted()) {
                 $this->logger->warning('User {username} was rate limited by the API.', [
                     'username' => $this->getUser()->getUserIdentifier(),
                 ]);
-                throw new TooManyRequestsHttpException();
+                throw new TooManyRequestsHttpException($limit->getRetryAfter()->getTimestamp() - time());
             }
         }
 

diff --git a/src/Controller/MeController.php b/src/Controller/MeController.php
@@ -3,12 +3,30 @@
 namespace App\Controller;
 
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\RateLimiter\RateLimiterFactory;
+use Symfony\Component\Serializer\SerializerInterface;
 
 class MeController extends AbstractController
 {
-    public function __invoke(): UserInterface
+    public function __construct(
+        private readonly SerializerInterface $serializer,
+        private readonly RateLimiterFactory $rdapRequestsLimiter,
+    ) {
+    }
+
+    public function __invoke(): Response
     {
-        return $this->getUser();
+        $user = $this->getUser();
+        $limiter = $this->rdapRequestsLimiter->create($user->getUserIdentifier());
+        $limit = $limiter->consume(0);
+
+        $data = $this->serializer->serialize($user, 'json', ['groups' => 'user:list']);
+
+        return new JsonResponse($data, Response::HTTP_OK, [
+            'eu.domainwatchdog.ratelimiter.rdap.remaining' => $limit->getRemainingTokens(),
+            'eu.domainwatchdog.ratelimiter.rdap.limit' => $limit->getLimit(),
+        ], true);
     }
 }
diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php
@@ -56,12 +56,16 @@ public function register(Request $request, UserPasswordHasherInterface $userPass
 
         $limiter = $this->userRegisterLimiter->create($request->getClientIp());
 
-        if (false === $this->kernel->isDebug() && false === $limiter->consume()->isAccepted()) {
-            $this->logger->warning('IP address {ip} was rate limited by the Registration API.', [
-                'ip' => $request->getClientIp(),
-            ]);
+        if (false === $this->kernel->isDebug()) {
+            $limit = $limiter->consume();
 
-            throw new TooManyRequestsHttpException();
+            if (false === $limit->isAccepted()) {
+                $this->logger->warning('IP address {ip} was rate limited by the Registration API.', [
+                    'ip' => $request->getClientIp(),
+                ]);
+
+                throw new TooManyRequestsHttpException($limit->getRetryAfter()->getTimestamp() - time());
+            }
         }
 
         $user = $this->serializer->deserialize($request->getContent(), User::class, 'json', ['groups' => 'user:register']);