File manager - Edit - /var/www/html/portalHomolog/app/Providers/RouteServiceProvider.php
Back
<?php namespace App\Providers; use Illuminate\Cache\RateLimiting\Limit; use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider; use Illuminate\Http\Request; use Illuminate\Support\Facades\RateLimiter; use Illuminate\Support\Facades\Route; use App\Models\DefesaCivil\BoletimMeteorologico; class RouteServiceProvider extends ServiceProvider { /** * The path to the "home" route for your application. * * Typically, users are redirected here after authentication. * * @var string */ public const HOME = '/home'; /** * Define your route model bindings, pattern filters, and other route configuration. */ public function boot(): void { $this->configureRateLimiting(); $this->routes(function () { Route::middleware('api') ->prefix('api') ->group(base_path('routes/api.php')); Route::middleware([ \Illuminate\Routing\Middleware\SubstituteBindings::class, ])->group(base_path('routes/gtfs.php')); Route::middleware('web') ->group(base_path('routes/web.php')); }); Route::bind('boletim_meteorologico', function ($value) { return BoletimMeteorologico::where('id', $value)->firstOrFail(); }); Route::model('user', \App\Models\User::class); Route::model('empresa', \App\Models\Empresa::class); Route::model('endereco', \App\Models\Endereco::class); Route::model('arquivo', \App\Models\Arquivo::class); } /** * Configure the rate limiters for the application. */ protected function configureRateLimiting(): void { RateLimiter::for('api', function (Request $request) { return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip()); }); // Autenticação: protege contra força bruta sem penalizar usuários // legítimos que compartilham o mesmo IP público (NAT/proxy/rede da // prefeitura) ou que utilizam o fluxo gov.br (redirect + callback). RateLimiter::for('auth', function (Request $request) { $ip = (string) $request->ip(); $login = trim((string) $request->input('login', '')); // Limite por IP: permite múltiplos usuários atrás do mesmo IP e o // fluxo de redirecionamento/callback do gov.br. $limits = [ Limit::perMinute(30)->by('auth-ip:' . $ip), ]; // Limite por conta+IP: proteção fina contra força bruta em uma // credencial específica a partir de um mesmo IP. if ($login !== '') { $loginKey = sha1(mb_strtolower($login)); $limits[] = Limit::perMinute(5)->by('auth-login:' . $loginKey . '|' . $ip); } return $limits; }); // Recuperação/redefinição de senha e criação de conta RateLimiter::for('password-recovery', function (Request $request) { return Limit::perMinute(3)->by($request->ip()); }); // Rotas públicas web que aceitam POST (formulários, ajax) RateLimiter::for('web-public', function (Request $request) { return Limit::perMinute(60)->by($request->ip()); }); } }
| ver. 1.4 |
Github
|
.
| PHP 8.3.28 | Generation time: 0.01 |
proxy
|
phpinfo
|
Settings