STEMMechanics/Website
1
0
Fork 0
Code Issues 4 Pull Requests 1 Actions Packages Projects Releases 3 Wiki Activity

added bot checks

Browse Source
This commit is contained in:
James Collins
2025-11-16 23:00:21 +10:00
parent 75d958856a
commit 0bcd6f5e86
1 changed files with 31 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
app/Livewire/EmailSubscribe.php
View File

@@ -14,14 +14,20 @@ class EmailSubscribe extends Component
public bool $success = false;
public string $message = '';
public string $trap = '';
public int $renderedAt; // unix timestamp
protected $rules = [
'email' => 'required|email|max:255',
];
public function mount()
{
$this->renderedAt = now()->timestamp;
}
public function subscribe(): void
{
// Honeypot - if this hidden field is filled, treat as success but do nothing
// 1. Honeypot - if this hidden field is filled, treat as success but do nothing
if (! empty($this->trap)) {
$this->reset(['email', 'trap']);
$this->success = true;
@@ -29,14 +35,30 @@ class EmailSubscribe extends Component
return;
}
// Simple rate limiting per session
// $attempts = session('subscribe_attempts', 0);
// if ($attempts >= 5) {
// $this->success = false;
// $this->message = 'Too many attempts. Please try again in a little while.';
// return;
// }
// session(['subscribe_attempts' => $attempts + 1]);
// 2. Block submits in first 10 seconds after render
if (now()->timestamp - $this->renderedAt < 10) {
$this->success = false;
$this->message = 'That was a bit quick. Please wait a few seconds and try again.';
return;
}
// 3. Enforce 30 seconds between attempts per session
$lastAttempt = session('subscribe_last_attempt');
if ($lastAttempt && now()->diffInSeconds($lastAttempt) < 30) {
$this->success = false;
$this->message = 'Please wait a little before trying again.';
return;
}
session(['subscribe_last_attempt' => now()]);
// 4. Limit to 5 attempts per session (your existing logic)
$attempts = session('subscribe_attempts', 0);
if ($attempts >= 5) {
$this->success = false;
$this->message = 'Too many attempts. Please try again in a little while.';
return;
}
session(['subscribe_attempts' => $attempts + 1]);
$this->validate();