inxilpro · shengslogar · Oct 2, 2024
diff --git a/app/Http/Controllers/Controller.php b/app/Http/Controllers/Controller.php
@@ -2,7 +2,9 @@
 
 namespace App\Http\Controllers;
 
-abstract class Controller
+use Illuminate\Routing\Controller as BaseController;
+
+abstract class Controller extends BaseController
 {
     //
 }
diff --git a/app/Http/Controllers/PhoneNumberController.php b/app/Http/Controllers/PhoneNumberController.php
@@ -3,11 +3,34 @@
 namespace App\Http\Controllers;
 
 use App\Models\PhoneNumber;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\RateLimiter;
 use Illuminate\Contracts\Database\Query\Builder;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
+use Closure;
 
 class PhoneNumberController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware(function (Request $request, Closure $next): Response {
+            // Allow 10 requests every 30 seconds
+            $response = RateLimiter::attempt(
+                key: $request->route()->getName(),
+                maxAttempts: 10,
+                callback: fn() => $next($request),
+                decaySeconds: 30,
+            );
+
+            if (!$response) {
+                return response()->view('phone-number-rate-limited');
+            }
+
+            return $response;
+        });
+    }
+
     public function __invoke(string $phone_number)
     {
         $e164 = e164($phone_number);

diff --git a/app/Http/Controllers/SearchController.php b/app/Http/Controllers/SearchController.php
@@ -13,8 +13,6 @@ public function __invoke(SearchRequest $request)
             phone_number: $request->validated('phone_number'),
         );
 
-        // TODO: Rate limit this
-
         return to_route('phone-number', $phone_number);
     }
 }
diff --git a/resources/views/home.blade.php b/resources/views/home.blade.php
@@ -9,10 +9,8 @@
     <div class="max-w-lg mt-6 prose-sm">
         <p>
             If you are looking for information on a loved one, they may have checked in with us. We have provided a
-            phone
-            number to local media where people can send SMS updates about their well-being. You can search for your
-            loved one
-            using their phone number below:
+            phone number to local media where people can send SMS updates about their well-being. You can search for
+            your loved one using their phone number below:
         </p>
     </div>
 

diff --git a/resources/views/phone-number-rate-limited.blade.php b/resources/views/phone-number-rate-limited.blade.php
@@ -0,0 +1,17 @@
+<x-app-layout>
+
+    <div class="mt-6">
+
+        <h2 class="pb-2 text-xl font-semibold tracking-tight border-b text-slate-800 border-slate-300">
+            Check-ins
+        </h2>
+
+        <div class="mt-6 prose-sm">
+            <p>
+                You've made a few too many requests. Please wait a few moments before refreshing this page to try again.
+            </p>
+        </div>
+
+    </div>
+
+</x-app-layout>