|
|
@@ -945,4 +945,64 @@ class ApiV1Dot1Controller extends Controller
|
|
|
|
|
|
return $this->json($res);
|
|
|
}
|
|
|
+
|
|
|
+ public function accountUsernameToId(Request $request, $username)
|
|
|
+ {
|
|
|
+ abort_if(! $request->user() || ! $request->user()->token() || ! $username, 403);
|
|
|
+ abort_unless($request->user()->tokenCan('read'), 403);
|
|
|
+
|
|
|
+ $rateLimiting = (bool) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.enabled');
|
|
|
+ $ipRateLimiting = (bool) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_enabled');
|
|
|
+ if ($ipRateLimiting) {
|
|
|
+ $userLimit = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_limit');
|
|
|
+ $userDecay = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_decay');
|
|
|
+ $userKey = 'pf:apiv1.1:acctU2ID:byIp:'.$request->ip();
|
|
|
+
|
|
|
+ if (RateLimiter::tooManyAttempts($userKey, $userLimit)) {
|
|
|
+ $limits = [
|
|
|
+ 'X-Rate-Limit-Limit' => $userLimit,
|
|
|
+ 'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
|
|
|
+ 'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
|
|
|
+ ];
|
|
|
+
|
|
|
+ return $this->json(['error' => 'Too many attempts!'], 429, $limits);
|
|
|
+ }
|
|
|
+
|
|
|
+ RateLimiter::increment($userKey, $userDecay);
|
|
|
+ $limits = [
|
|
|
+ 'X-Rate-Limit-Limit' => $userLimit,
|
|
|
+ 'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
|
|
|
+ 'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
|
|
|
+ ];
|
|
|
+ }
|
|
|
+ if ($rateLimiting) {
|
|
|
+ $userLimit = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.limit');
|
|
|
+ $userDecay = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.decay');
|
|
|
+ $userKey = 'pf:apiv1.1:acctU2ID:byUid:'.$request->user()->id;
|
|
|
+
|
|
|
+ if (RateLimiter::tooManyAttempts($userKey, $userLimit)) {
|
|
|
+ $limits = [
|
|
|
+ 'X-Rate-Limit-Limit' => $userLimit,
|
|
|
+ 'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
|
|
|
+ 'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
|
|
|
+ ];
|
|
|
+
|
|
|
+ return $this->json(['error' => 'Too many attempts!'], 429, $limits);
|
|
|
+ }
|
|
|
+
|
|
|
+ RateLimiter::increment($userKey, $userDecay);
|
|
|
+ $limits = [
|
|
|
+ 'X-Rate-Limit-Limit' => $userLimit,
|
|
|
+ 'X-Rate-Limit-Remaining' => RateLimiter::remaining($userKey, $userLimit),
|
|
|
+ 'X-Rate-Limit-Reset' => RateLimiter::availableIn($userKey),
|
|
|
+ ];
|
|
|
+ }
|
|
|
+ $accountId = AccountService::usernameToId($username, true);
|
|
|
+ if (! $accountId) {
|
|
|
+ return [];
|
|
|
+ }
|
|
|
+ $account = AccountService::get($accountId);
|
|
|
+
|
|
|
+ return $this->json($account, 200, $rateLimiting ? $limits : []);
|
|
|
+ }
|
|
|
}
|
Daniel Supernault