admin/e-ticket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36456e8dfe0470a8d169c67f67c0cd77f8b8a8c2
e-ticket/tests/EventSubscriber/RateLimiterSubscriberTest.php
Serreau Jovann 36456e8dfe Add rate limiting on login, order, invitation, contact routes 
- Login: 5 attempts / 15 min (Symfony login_throttling)
- Order create: 10 / 5 min (sliding window)
- Invitation respond/register: 5 / 15 min
- Contact form: 3 / 10 min
- RateLimiterSubscriber with route-to-limiter mapping
- Returns 429 when rate limited

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 20:01:01 +01:00

66 lines
1.9 KiB
PHP
Raw Blame History

<?php
namespace App\Tests\EventSubscriber;
use App\EventSubscriber\RateLimiterSubscriber;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
class RateLimiterSubscriberTest extends TestCase
{
public function testSubscribedEvents(): void
{
$events = RateLimiterSubscriber::getSubscribedEvents();
self::assertArrayHasKey(KernelEvents::REQUEST, $events);
}
public function testIgnoresNonMappedRoutes(): void
{
$subscriber = new RateLimiterSubscriber([]);
$request = new Request();
$request->attributes->set('_route', 'app_home');
$kernel = $this->createMock(HttpKernelInterface::class);
$event = new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST);
$subscriber->onKernelRequest($event);
self::assertNull($event->getResponse());
}
public function testIgnoresSubRequests(): void
{
$subscriber = new RateLimiterSubscriber([]);
$request = new Request();
$request->attributes->set('_route', 'app_order_create');
$kernel = $this->createMock(HttpKernelInterface::class);
$event = new RequestEvent($kernel, $request, HttpKernelInterface::SUB_REQUEST);
$subscriber->onKernelRequest($event);
self::assertNull($event->getResponse());
}
public function testIgnoresMappedRouteWithMissingLimiter(): void
{
$subscriber = new RateLimiterSubscriber([]);
$request = new Request();
$request->attributes->set('_route', 'app_order_create');
$kernel = $this->createMock(HttpKernelInterface::class);
$event = new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST);
$subscriber->onKernelRequest($event);
self::assertNull($event->getResponse());
}
}
Reference in New Issue View Git Blame Copy Permalink