Composer
首页 包列表 提交包 常见问题 关于

承接 hettiger/spa-honeypot 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

hettiger/spa-honeypot

最新稳定版本:v0.3.0

Composer 安装命令:

composer require hettiger/spa-honeypot

包简介

Honeypot package for Single Page Applications

关键字:

# laravel # hettiger # spa-honeypot

README 文档

README

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

Helps to protect SPA's (Single Page Applications) against SPAM without using cookies or user input.

Installation

composer require hettiger/spa-honeypot
php artisan spa-honeypot:install

Usage

  1. Add the form.honeypot, form.token or form middleware to a forms target route
Route::post('form', fn () => 'OK')->middleware('form');

The form middleware group simply combines form.honeypot and form.token so you don't have to. Using just form.token protection without the form.honeypot middleware or vise versa is supported.

  1. Use one of the corresponding frontend libraries to make form token requests

Lighthouse GraphQL API

  1. Add the form.token.handle middleware to the lighthouse.route.middleware config
// config/lighthouse.php — must be published

'middleware' => [
    // …

    'form.token.handle',
],
  1. Register the honeypot scalar in your graphql/schema.graphql file
scalar Honeypot @scalar(class: "Hettiger\\Honeypot\\GraphQL\\Scalars\\HoneypotScalar")

# …
  1. Add a honeypot field to any input that you want to protect against SPAM
input SendContactRequestInput {
    # …
    honey: Honeypot
}

The field config is not being used in GraphQL context.

  1. Add the @requireFormToken directive to any field that you want to protect against SPAM
# e.g. graphql/contact.graphql

extend type Mutation {
    sendContactRequest(input: SendContactRequestInput): SendContactRequestPayload @requireFormToken
}
  1. Use one of the corresponding frontend libraries to make form token requests

Customizing Responses

You may provide custom error response factories using the config:

return [
    // …
    
    'honeypot_error_response_factory' => \Hettiger\Honeypot\ErrorResponseFactory::class,
    'form_token_error_response_factory' => \Hettiger\Honeypot\ErrorResponseFactory::class,
];

Alternatively you can provide a simple Closure anywhere in your application:

use Hettiger\Honeypot\Facades\Honeypot;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
{
    // …

    public function boot()
    {
        $errorResponseFactory = fn (bool $isGraphQLRequest) => $isGraphQLRequest
            ? ['errors' => [['message' => 'Whoops, something went wrong …']]]
            : 'Whoops, something went wrong …';

        Honeypot::respondToHoneypotErrorsUsing($errorResponseFactory);
        Honeypot::respondToFormTokenErrorsUsing($errorResponseFactory);
    }
}

You don't have to worry about adding the form token header yourself. It'll be added for you automatically.

Testing

composer test

Frontend Libraries

Changelog

Please see CHANGELOG for more information on what has changed recently.

Credits

License

The MIT License (MIT). Please see License File for more information.

统计信息

  • 总下载量: 215
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 2
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP
访问仓库

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-12-30