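configureRateLimiting();

        $this->routes(function () {
            Route::middleware('api')
                ->prefix('api')
                ->group(base_path('routes/api.php'));

            Route::middleware('web')
                ->group(base_path('routes/web.php'));
        });

        Route::macro('apiAttachmentResource', function ($uri, $controller) {
            $singularUri = Str::singular($uri);

            Route::get("$uri/{$singularUri}/attachments", [$controller, 'getAttachments'])
                ->name("$singularUri.attachments.index");

            Route::post("$uri/{$singularUri}/attachments", [$controller, 'storeAttachment'])
                ->name("$singularUri.attachments.store");

            Route::match(['put', 'patch'], "$uri/{$singularUri}/attachments", [$controller, 'updateAttachments'])
                ->name("$singularUri.attachments.update");

            Route::delete("$uri/{$singularUri}/attachments/{medium}", [$controller, 'deleteAttachment'])
                ->name("$singularUri.attachments.destroy");
        });
    }

    /**
     * Configure the rate limiters for the application.
     *
     * Registers a single "api" limiter whose decision is taken per request:
     *  - no limit in the "testing" environment;
     *  - no limit for an authenticated user holding the "admin/ratelimit" permission;
     *  - otherwise 180 requests per minute, keyed by user id, or by client IP
     *    when the request is unauthenticated.
     *
     * The exemption is evaluated inside the limiter callback rather than while
     * the provider boots. Providers boot before the request passes through the
     * middleware pipeline, so a user looked up at boot time is not a reliable
     * basis for a security decision: the exemption could be silently skipped,
     * or, in a long-lived worker, one request's outcome could be reused for
     * later requests.
     *
     * @return void
     */
    protected function configureRateLimiting()
    {
        RateLimiter::for('api', function (Request $request) {
            if (app()->environment('testing')) {
                return Limit::none();
            }

            // The user resolved for this request, not process-wide state.
            $user = $request->user();

            // Admin users with the "admin/ratelimit" permission are not rate limited.
            // NOTE(review): this runs on every throttled request; confirm that
            // hasPermission() is cheap enough (cached) for that.
            if ($user !== null && $user->hasPermission('admin/ratelimit') === true) {
                return Limit::none();
            }

            // Unauthenticated clients share a bucket per IP address.
            return Limit::perMinute(180)->by($user?->id ?: $request->ip());
        });
    }
}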