[Feature] Implement configurable API rate limiting (#1984)

2026-06-23 04:20:08 +00:00 · 2025-01-13 16:45:51 -05:00
parent cf13ecbf40
commit f586165028
3 changed files with 16 additions and 5 deletions
@@ -39,10 +39,7 @@ class AppServiceProvider extends ServiceProvider
    public function boot(): void
    {
        $this->defineCustomIfStatements();
-
-        RateLimiter::for('api', function (Request $request) {
-            return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
-        });
+        $this->setApiRateLimit();

        if (config('app.force_https')) {
            URL::forceScheme('https');
@@ -77,4 +74,11 @@ class AppServiceProvider extends ServiceProvider
            return filled($value);
        });
    }
+
+    protected function setApiRateLimit(): void
+    {
+        RateLimiter::for('api', function (Request $request) {
+            return Limit::perMinute(config('api.rate_limit'));
+        });
+    }
 }
@@ -0,0 +1,7 @@
+<?php
+
+return [
+
+    'rate_limit' => env('API_RATE_LIMIT', 60),
+
+];
@@ -24,6 +24,6 @@ Route::get('/healthcheck', function () {
 Route::get('/speedtest/latest', GetLatestController::class)
    ->name('speedtest.latest');

-Route::middleware('auth:sanctum')->group(function () {
+Route::middleware(['auth:sanctum', 'throttle:api'])->group(function () {
    require __DIR__.'/api/v1/routes.php';
 });