Add api endpoint

This commit is contained in:
Daniel Supernault 2024-06-08 00:57:29 -06:00
parent 921be4287c
commit b29527cf53
No known key found for this signature in database
GPG Key ID: 23740873EE6F76A1
3 changed files with 79 additions and 0 deletions

View File

@ -945,4 +945,64 @@ class ApiV1Dot1Controller extends Controller
return $this->json($res);
}
public function accountUsernameToId(Request $request, $username)
{
abort_if(! $request->user() || ! $request->user()->token() || ! $username, 403);
abort_unless($request->user()->tokenCan('read'), 403);
$rateLimiting = (bool) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.enabled');
$ipRateLimiting = (bool) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_enabled');
if ($ipRateLimiting) {
$userLimit = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_limit');
$userDecay = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_decay');
$userKey = 'pf:apiv1.1:acctU2ID:byIp:'.$request->ip();
if (RateLimiter::tooManyAttempts($userKey, $userLimit)) {
$limits = [
'X-Rate-Limit-Limit' => $userLimit,
'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
];
return $this->json(['error' => 'Too many attempts!'], 429, $limits);
}
RateLimiter::increment($userKey, $userDecay);
$limits = [
'X-Rate-Limit-Limit' => $userLimit,
'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
];
}
if ($rateLimiting) {
$userLimit = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.limit');
$userDecay = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.decay');
$userKey = 'pf:apiv1.1:acctU2ID:byUid:'.$request->user()->id;
if (RateLimiter::tooManyAttempts($userKey, $userLimit)) {
$limits = [
'X-Rate-Limit-Limit' => $userLimit,
'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
];
return $this->json(['error' => 'Too many attempts!'], 429, $limits);
}
RateLimiter::increment($userKey, $userDecay);
$limits = [
'X-Rate-Limit-Limit' => $userLimit,
'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
];
}
$accountId = AccountService::usernameToId($username, true);
if (! $accountId) {
return [];
}
$account = AccountService::get($accountId);
return $this->json($account, 200, $rateLimiting ? $limits : []);
}
}

18
config/api.php Normal file
View File

@ -0,0 +1,18 @@
<?php
return [
'rate-limits' => [
'v1Dot1' => [
'accounts' => [
'usernameToId' => [
'enabled' => env('PF_API_RL_V1DOT1_ACCT_U2ID_ENABLED', true),
'limit' => env('PF_API_RL_V1DOT1_ACCT_U2ID_LIMIT', 30),
'decay' => env('PF_API_RL_V1DOT1_ACCT_U2ID_DECAY', 120),
'ip_enabled' => env('PF_API_RL_V1DOT1_ACCT_U2ID_BY_IP_ENABLED', false),
'ip_limit' => env('PF_API_RL_V1DOT1_ACCT_U2ID_BY_IP_LIMIT', 30),
'ip_decay' => env('PF_API_RL_V1DOT1_ACCT_U2ID_BY_IP_DECAY', 120),
]
]
]
]
];

View File

@ -124,6 +124,7 @@ Route::group(['prefix' => 'api'], function() use($middleware) {
Route::get('emails-from-pixelfed', 'Api\ApiV1Dot1Controller@accountEmailsFromPixelfed')->middleware($middleware);
Route::get('apps-and-applications', 'Api\ApiV1Dot1Controller@accountApps')->middleware($middleware);
Route::get('mutuals/{id}', 'Api\ApiV1Dot1Controller@getMutualAccounts')->middleware($middleware);
Route::get('username/{username}', 'Api\ApiV1Dot1Controller@accountUsernameToId')->middleware($middleware);
});
Route::group(['prefix' => 'collections'], function () use($middleware) {