ResendVerificationThrottle
in package
Rate limiting for resend verification email requests.
Implements combined IP and email-based throttling to prevent DOS/spam:
- Per-IP limit: 5 requests per 5 minutes
- Per-email limit: 1 request per 5 minutes
Table of Contents
Properties
- $_emailLimit : int
- $_emailWindow : int
- $_ipLimit : int
- $_ipWindow : int
- $_storage : IRateLimitStorage
Methods
- __construct() : mixed
- allow() : bool
- Check if resend verification is allowed for given IP and email.
- clear() : void
- Clear all rate limit data.
- getEmailResetTime() : int
- Get reset time for email-based limit.
- getIpResetTime() : int
- Get reset time for IP-based limit.
- getRemainingEmailAttempts() : int
- Get remaining attempts for an email address.
- getRemainingIpAttempts() : int
- Get remaining attempts for an IP address.
- getStorage() : IRateLimitStorage
- Get the storage backend.
- resetEmail() : void
- Reset rate limit for a specific email address.
- resetIp() : void
- Reset rate limit for a specific IP address.
Properties
$_emailLimit
private
int
$_emailLimit
= 1
$_emailWindow
private
int
$_emailWindow
= \Neuron\Cms\Config\CacheConfig::SHORT_TTL
$_ipLimit
private
int
$_ipLimit
= 5
$_ipWindow
private
int
$_ipWindow
= \Neuron\Cms\Config\CacheConfig::SHORT_TTL
$_storage
private
IRateLimitStorage
$_storage
Methods
__construct()
public
__construct([IRateLimitStorage|null $storage = null ][, array<string, int> $config = [] ]) : mixed
Parameters
- $storage : IRateLimitStorage|null = null
-
Storage backend (defaults to file-based)
- $config : array<string, int> = []
-
Optional configuration overrides
allow()
Check if resend verification is allowed for given IP and email.
public
allow(string $ip, string $email) : bool
Checks both IP-based and email-based rate limits. Both must pass for the request to be allowed.
Parameters
- $ip : string
-
Client IP address
- $email : string
-
Email address (will be hashed)
Return values
bool —True if allowed, false if rate limited
clear()
Clear all rate limit data.
public
clear() : void
getEmailResetTime()
Get reset time for email-based limit.
public
getEmailResetTime(string $email) : int
Parameters
- $email : string
-
Email address
Return values
int —Unix timestamp when limit resets
getIpResetTime()
Get reset time for IP-based limit.
public
getIpResetTime(string $ip) : int
Parameters
- $ip : string
-
Client IP address
Return values
int —Unix timestamp when limit resets
getRemainingEmailAttempts()
Get remaining attempts for an email address.
public
getRemainingEmailAttempts(string $email) : int
Parameters
- $email : string
-
Email address
Return values
int —Number of remaining attempts
getRemainingIpAttempts()
Get remaining attempts for an IP address.
public
getRemainingIpAttempts(string $ip) : int
Parameters
- $ip : string
-
Client IP address
Return values
int —Number of remaining attempts
getStorage()
Get the storage backend.
public
getStorage() : IRateLimitStorage
Return values
IRateLimitStorageresetEmail()
Reset rate limit for a specific email address.
public
resetEmail(string $email) : void
Useful for testing or administrative override.
Parameters
- $email : string
-
Email address
resetIp()
Reset rate limit for a specific IP address.
public
resetIp(string $ip) : void
Useful for testing or administrative override.
Parameters
- $ip : string
-
Client IP address