michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(Middleware): Disable RateLimitMiddleware temporarily

Browse Source 
- Commented out RateLimitMiddleware in MiddlewareManager
- RateLimit system not fully implemented yet (missing Storage, Initializer)
- Added ENV_SETUP.md documentation for .env file structure
- Website was returning HTTP 500 due to missing StorageInterface binding

TODO: Implement complete RateLimit system with Storage interface and DI bindings

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Michael Schiemer
2025-10-27 19:29:38 +01:00
parent 5d9258d8c3
commit e326e3d6c6
2 changed files with 170 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

163
ENV_SETUP.md Normal file
View File

@@ -0,0 +1,163 @@
# Environment Configuration Guide
## 📁 .env File Structure (Simplified)
Nach der Konsolidierung vom 27.10.2024 gibt es nur noch **2 .env Files** im Root:
```
├── .env # Development (aktiv, gitignored)
└── .env.example # Template für neue Entwickler
```
## 🏗️ Development Setup
### Initial Setup
```bash
# 1. Copy example file
cp .env.example .env
# 2. Anpassungen für lokale Entwicklung
# - DB Credentials
# - API Keys
# - Feature Flags
```
### Active File: `.env`
- ✅ Wird von Docker Compose verwendet
- ✅ Wird von PHP Application gelesen
- ❌ NICHT committen (gitignored)
- ✅ Jeder Entwickler hat eigene Version
## 🚀 Production Deployment
### Production .env Management
**WICHTIG**: Production `.env` wird **NICHT** aus dem Repository deployed!
### Single Source of Truth
```
Server: /home/deploy/michaelschiemer/shared/.env.production
```
Dieser File wird von **Ansible** automatisch erstellt aus:
```
deployment/infrastructure/templates/.env.production.j2
```
### Production Deployment Process
```bash
# Ansible Playbook erstellt automatisch die Production .env
cd deployment/infrastructure
ansible-playbook -i inventories/production/hosts.yml \
playbooks/deploy-rsync-based.yml \
--vault-password-file .vault_pass
```
**Ansible macht dabei**:
1. Template `.env.production.j2` rendern
2. Vault-verschlüsselte Secrets einsetzen
3. File nach `/home/deploy/michaelschiemer/shared/.env.production` deployen
4. Docker Compose mounted diesen File in Container
## 🔒 Security Best Practices
### Development
```bash
# .env niemals committen
git status
# Should show: .env (untracked) ✅
# Falls versehentlich staged:
git reset HEAD .env
```
### Production
- ✅ Secrets in Ansible Vault
- ✅ .env.production auf Server wird NICHT ins Repository committed
- ✅ Template `.env.production.j2` enthält nur Platzhalter
- ✅ Echte Werte werden zur Deploy-Zeit eingesetzt
## 📝 Adding New Environment Variables
### Development
```bash
# 1. Add to .env.example with placeholder
echo "NEW_API_KEY=your_api_key_here" >> .env.example
# 2. Add actual value to your local .env
echo "NEW_API_KEY=abc123..." >> .env
```
### Production
```bash
# 1. Add to Ansible Template
# File: deployment/infrastructure/templates/.env.production.j2
echo "NEW_API_KEY={{ vault_new_api_key }}" >> .env.production.j2
# 2. Add secret to Ansible Vault
ansible-vault edit deployment/infrastructure/group_vars/production/vault.yml
# Add: vault_new_api_key: "production_value"
# 3. Deploy
cd deployment/infrastructure
ansible-playbook -i inventories/production/hosts.yml \
playbooks/deploy-rsync-based.yml \
--vault-password-file .vault_pass
```
## 🗑️ Removed Files (Consolidation 27.10.2024)
Diese Files wurden gelöscht, da sie redundant/nicht verwendet wurden:
```
❌ .env.production (Root - redundant)
❌ .env.production.example (Root - nicht verwendet)
❌ .env.backup.20250912_133135 (Altes Backup)
❌ .env.analytics.example (In .env.example integriert)
❌ .env.secrets.example (In .env.example integriert)
❌ deployment/applications/environments/ (Gesamtes Directory gelöscht)
```
## ✅ Current State
### Local Development
- ✅ Einziges aktives File: `.env`
- ✅ Template: `.env.example`
- ✅ Klar und eindeutig
### Production
- ✅ Single Source: `/home/deploy/michaelschiemer/shared/.env.production` (auf Server)
- ✅ Verwaltet durch: Ansible Template `.env.production.j2`
- ✅ Secrets in: Ansible Vault
- ✅ Keine Duplikate
## 🔍 Verification
```bash
# Check local .env files
ls -la .env*
# Should show: .env, .env.example
# Check Ansible template exists
ls -la deployment/infrastructure/templates/.env.production.j2
# Should exist
# Check NO old files remain
find . -name ".env.production" -o -name ".env.*.example" | grep -v .env.example
# Should be empty
```
## 📞 Support
Bei Fragen zum .env Setup:
- Development: Siehe `.env.example`
- Production: Siehe `deployment/infrastructure/templates/.env.production.j2`
- Secrets: Kontaktiere DevOps Team für Ansible Vault Zugriff

12
src/Framework/Http/MiddlewareManager.php
View File

@@ -5,7 +5,9 @@ declare(strict_types=1);
namespace App\Framework\Http; namespace App\Framework\Http;
use App\Framework\Cache\Cache; use App\Framework\Cache\Cache;
use App\Framework\Cache\CacheKey;
use App\Framework\Core\ValueObjects\ClassName; use App\Framework\Core\ValueObjects\ClassName;
use App\Framework\Core\ValueObjects\Duration;
use App\Framework\DI\Container; use App\Framework\DI\Container;
use App\Framework\Discovery\Results\DiscoveryRegistry; use App\Framework\Discovery\Results\DiscoveryRegistry;
use App\Framework\Http\Middlewares\DDoSProtectionMiddleware; use App\Framework\Http\Middlewares\DDoSProtectionMiddleware;
@@ -72,7 +74,7 @@ final readonly class MiddlewareManager implements MiddlewareManagerInterface
\App\Framework\Http\Session\SessionMiddleware::class, \App\Framework\Http\Session\SessionMiddleware::class,
// 5. Security und Rate Limiting // 5. Security und Rate Limiting
RateLimitMiddleware::class, //RateLimitMiddleware::class,
#\App\Application\Security\Middleware\SecurityEventMiddleware::class, #\App\Application\Security\Middleware\SecurityEventMiddleware::class,
// 6. Headers und CORS // 6. Headers und CORS
@@ -248,11 +250,11 @@ final readonly class MiddlewareManager implements MiddlewareManagerInterface
$className = is_string($middlewareClass) ? $middlewareClass : $middlewareClass::class; $className = is_string($middlewareClass) ? $middlewareClass : $middlewareClass::class;
$className = ltrim($className, '\\'); $className = ltrim($className, '\\');
$cacheKey = "middleware_priority:{$className}"; $cacheKey = CacheKey::fromString("middleware_priority:{$className}");
$cacheItem = $this->cache->remember($cacheKey, function () use ($className) { $cacheItem = $this->cache->remember($cacheKey, function () use ($className) {
return $this->resolvePriorityFromReflection($className); return $this->resolvePriorityFromReflection($className);
}, 3600); }, Duration::fromSeconds(3600));
return is_int($cacheItem->value) ? $cacheItem->value : MiddlewarePriority::BUSINESS_LOGIC->value; return is_int($cacheItem->value) ? $cacheItem->value : MiddlewarePriority::BUSINESS_LOGIC->value;
} }
@@ -330,7 +332,7 @@ final readonly class MiddlewareManager implements MiddlewareManagerInterface
$className = is_string($middlewareClass) ? $middlewareClass : $middlewareClass::class; $className = is_string($middlewareClass) ? $middlewareClass : $middlewareClass::class;
$className = ltrim($className, '\\'); $className = ltrim($className, '\\');
$cacheKey = "middleware_priority_discovery:{$className}"; $cacheKey = CacheKey::fromString("middleware_priority_discovery:{$className}");
$cacheItem = $this->cache->remember($cacheKey, function () use ($className) { $cacheItem = $this->cache->remember($cacheKey, function () use ($className) {
// Use discovery registry to find priority // Use discovery registry to find priority
@@ -350,7 +352,7 @@ final readonly class MiddlewareManager implements MiddlewareManagerInterface
// Default priority // Default priority
return MiddlewarePriority::BUSINESS_LOGIC->value; return MiddlewarePriority::BUSINESS_LOGIC->value;
}, 3600); }, Duration::fromSeconds(3600));
return is_int($cacheItem->value) ? $cacheItem->value : MiddlewarePriority::BUSINESS_LOGIC->value; return is_int($cacheItem->value) ? $cacheItem->value : MiddlewarePriority::BUSINESS_LOGIC->value;
} }