Merge branch 'release/0.8.3'

Author: ljonesfl

.version.json

@@ -2,6 +2,6 @@
   "strategy": "semver",
   "major": 0,
   "minor": 8,
-  "patch": 2,
+  "patch": 3,
   "build": 0
 }

README.md

@@ -114,8 +114,6 @@ $router->get('/api/data', $handler, 'rate_limit');
 
 ### Configuration Options
 
-Rate limiting can be configured via array or environment variables:
-
 ```php
 // Array configuration
 $config = new RateLimitConfig([
@@ -127,13 +125,6 @@ $config = new RateLimitConfig([
     'redis_port' => 6379,
     'file_path' => 'cache/rate_limits'
 ]);
-
-// From settings/environment variables (flat structure)
-// RATE_LIMIT_ENABLED=true
-// RATE_LIMIT_STORAGE=redis
-// RATE_LIMIT_REQUESTS=100
-// RATE_LIMIT_WINDOW=3600
-$config = RateLimitConfig::fromSettings($settingsSource);
 ```
 
 ### Storage Backends
@@ -172,30 +163,6 @@ $config = new RateLimitConfig([
 ]);
 ```
 
-### Advanced Features
-
-#### Key Strategies
-Control how rate limits are applied:
-
-```php
-// Limit by IP address (default)
-$filter = new RateLimitFilter($config, 'ip');
-
-// Limit by authenticated user
-$filter = new RateLimitFilter($config, 'user');
-
-// Limit by IP + route combination
-$filter = new RateLimitFilter($config, 'route');
-
-// Custom key generation
-class CustomRateLimitFilter extends RateLimitFilter {
-    protected function getCustomKey(RouteMap $route): string {
-        // Your custom logic here
-        return $_SESSION['tenant_id'] ?? $this->getClientIp();
-    }
-}
-```
-
 #### Whitelisting and Blacklisting
 
 ```php

VERSIONLOG.md

@@ -1,3 +1,6 @@
+## 0.8.3 2025-11-12
+* Updated to use the IPResolver for rate limiting.
+
 ## 0.8.2 2025-11-11
 
 ## 0.8.1 2025-11-07

src/Routing/DefaultIpResolver.php

@@ -28,10 +28,10 @@ public function resolve( array $server ): string
 	{
 		// Check common proxy headers in order of preference
 		$headers = [
-			'HTTP_CF_CONNECTING_IP',     // Cloudflare
-			'HTTP_X_FORWARDED_FOR',       // Standard proxy
-			'HTTP_X_REAL_IP',            // Nginx
-			'HTTP_CLIENT_IP',            // Some proxies
+			'HTTP_CF_CONNECTING_IP',	// Cloudflare
+			'HTTP_X_FORWARDED_FOR',		// Standard proxy
+			'HTTP_X_REAL_IP',				// Nginx
+			'HTTP_CLIENT_IP',				// Some proxies
 		];
 
 		foreach( $headers as $header )
@@ -61,12 +61,12 @@ public function resolve( array $server ): string
 	 */
 	protected function extractFirstIp( string $ipString ): string
 	{
-		if( strpos( $ipString, ',' ) !== false )
+		if( str_contains( $ipString, ',' ) )
 		{
 			$ips = explode( ',', $ipString );
 			return trim( $ips[0] );
 		}
 
 		return trim( $ipString );
 	}
-}
+}

src/Routing/Filters/RateLimitFilter.php

@@ -8,6 +8,8 @@
 use Neuron\Routing\RateLimit\RateLimitResponse;
 use Neuron\Routing\RateLimit\Storage\IRateLimitStorage;
 use Neuron\Routing\RateLimit\Storage\RateLimitStorageFactory;
+use Neuron\Routing\IIpResolver;
+use Neuron\Routing\DefaultIpResolver;
 use Neuron\Patterns\Registry;
 use Neuron\Log\Log;
 
@@ -26,24 +28,29 @@ class RateLimitFilter extends Filter
 	private string $_keyStrategy;
 	private array $_whitelist;
 	private array $_blacklist;
+	private IIpResolver $_ipResolver;
 
 	/**
 	 * @param RateLimitConfig $config Rate limit configuration
 	 * @param string $keyStrategy Key generation strategy ('ip', 'user', 'route', 'custom')
 	 * @param array $whitelist IP addresses or user IDs to exempt from rate limiting
 	 * @param array $blacklist IP addresses or user IDs to apply stricter limits
+	 * @param IIpResolver|null $ipResolver Optional IP resolver (defaults to DefaultIpResolver)
+	 * @throws \Exception
 	 */
 	public function __construct(
 		RateLimitConfig $config,
 		string $keyStrategy = 'ip',
 		array $whitelist = [],
-		array $blacklist = []
+		array $blacklist = [],
+		?IIpResolver $ipResolver = null
 	)
 	{
 		$this->_config = $config;
 		$this->_keyStrategy = $keyStrategy;
 		$this->_whitelist = $whitelist;
 		$this->_blacklist = $blacklist;
+		$this->_ipResolver = $ipResolver ?? new DefaultIpResolver();
 
 		// Get base path from registry if available
 		$basePath = Registry::getInstance()->get( 'BasePath' ) ?? '';
@@ -59,7 +66,7 @@ function( RouteMap $route ) { $this->checkRateLimit( $route ); },
 	}
 
 	/**
-	 * Check rate limit for the current request.
+	 * Check the rate limit for the current request.
 	 *
 	 * @param RouteMap $route
 	 * @return void
@@ -112,45 +119,23 @@ protected function checkRateLimit( RouteMap $route ): void
 	 */
 	protected function generateKey( RouteMap $route ): string
 	{
-		switch( $this->_keyStrategy )
+		return match ( $this->_keyStrategy )
 		{
-			case 'ip':
-				return $this->getClientIp();
-
-			case 'user':
-				return $this->getUserId();
-
-			case 'route':
-				return $this->getClientIp() . ':' . $route->getPath();
-
-			case 'custom':
-				return $this->getCustomKey( $route );
-
-			default:
-				return $this->getClientIp();
-		}
+			'user' => $this->getUserId(),
+			'route' => $this->getClientIp() . ':' . $route->getPath(),
+			'custom' => $this->getCustomKey( $route ),
+			default => $this->getClientIp(),
+		};
 	}
 
 	/**
-	 * Get client IP address.
+	 * Get the client IP address using the configured IP resolver.
 	 *
 	 * @return string
 	 */
 	protected function getClientIp(): string
 	{
-		// Check for forwarded IP (proxy/load balancer)
-		if( !empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) )
-		{
-			$ips = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
-			return trim( $ips[0] );
-		}
-
-		if( !empty( $_SERVER['HTTP_X_REAL_IP'] ) )
-		{
-			return $_SERVER['HTTP_X_REAL_IP'];
-		}
-
-		return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
+		return $this->_ipResolver->resolve( $_SERVER );
 	}
 
 	/**
@@ -173,7 +158,7 @@ protected function getUserId(): string
 	}
 
 	/**
-	 * Get custom key for rate limiting.
+	 * Get a custom key for rate limiting.
 	 *
 	 * @param RouteMap $route
 	 * @return string
@@ -224,7 +209,7 @@ protected function getLimit( string $key ): int
 	}
 
 	/**
-	 * Get time window for a key.
+	 * Get the time window for a key.
 	 *
 	 * @param string $key
 	 * @return int
@@ -236,7 +221,7 @@ protected function getWindow( string $key ): int
 	}
 
 	/**
-	 * Add rate limit headers to response.
+	 * Add the rate limit headers to response.
 	 *
 	 * @param string $key
 	 * @param int $limit
@@ -283,4 +268,4 @@ public function clear(): void
 	{
 		$this->_storage->clear();
 	}
-}
+}

tests/unit/RateLimit/RateLimitFilterTest.php

@@ -5,6 +5,8 @@
 use Neuron\Routing\RateLimit\RateLimitConfig;
 use Neuron\Routing\RouteMap;
 use Neuron\Routing\Router;
+use Neuron\Routing\IIpResolver;
+use Neuron\Routing\DefaultIpResolver;
 
 class RateLimitFilterTest extends TestCase
 {
@@ -192,11 +194,103 @@ public function testKeyStrategies()
 		$this->assertEquals('10.0.0.1:/test', $keyRoute);
 	}
 
+	public function testCustomIpResolver()
+	{
+		// Create a mock IP resolver that always returns a specific IP
+		$mockResolver = $this->createMock(IIpResolver::class);
+		$mockResolver->method('resolve')
+			->willReturn('203.0.113.42');
+
+		$config = new RateLimitConfig([
+			'enabled' => true,
+			'storage' => 'memory',
+			'requests' => 5,
+			'window' => 60
+		]);
+
+		$filter = new RateLimitFilter(
+			$config,
+			'ip',
+			[],
+			[],
+			$mockResolver
+		);
+
+		$route = new RouteMap('/test', function() { return 'test'; });
+
+		// Use reflection to verify the IP being used
+		$reflection = new ReflectionClass($filter);
+		$method = $reflection->getMethod('generateKey');
+		$method->setAccessible(true);
+
+		$key = $method->invoke($filter, $route);
+
+		// Should use the IP from our mock resolver
+		$this->assertEquals('203.0.113.42', $key);
+	}
+
+	public function testDefaultIpResolver()
+	{
+		// Test that DefaultIpResolver is used when no resolver is provided
+		$_SERVER['REMOTE_ADDR'] = '198.51.100.25';
+
+		$config = new RateLimitConfig([
+			'enabled' => true,
+			'storage' => 'memory',
+			'requests' => 5,
+			'window' => 60
+		]);
+
+		// Create filter without explicit IP resolver
+		$filter = new RateLimitFilter($config, 'ip');
+
+		$route = new RouteMap('/test', function() { return 'test'; });
+
+		// Use reflection to verify IP resolution
+		$reflection = new ReflectionClass($filter);
+		$method = $reflection->getMethod('generateKey');
+		$method->setAccessible(true);
+
+		$key = $method->invoke($filter, $route);
+
+		// Should use the IP from $_SERVER via DefaultIpResolver
+		$this->assertEquals('198.51.100.25', $key);
+	}
+
+	public function testCloudflareIpResolution()
+	{
+		// Test that Cloudflare headers are supported via DefaultIpResolver
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.1';
+		$_SERVER['HTTP_CF_CONNECTING_IP'] = '198.51.100.50';
+
+		$config = new RateLimitConfig([
+			'enabled' => true,
+			'storage' => 'memory',
+			'requests' => 5,
+			'window' => 60
+		]);
+
+		$filter = new RateLimitFilter($config, 'ip');
+
+		$route = new RouteMap('/test', function() { return 'test'; });
+
+		// Use reflection to verify IP resolution
+		$reflection = new ReflectionClass($filter);
+		$method = $reflection->getMethod('generateKey');
+		$method->setAccessible(true);
+
+		$key = $method->invoke($filter, $route);
+
+		// Should prioritize Cloudflare header
+		$this->assertEquals('198.51.100.50', $key);
+	}
+
 	protected function tearDown(): void
 	{
 		// Clean up server variables
 		unset($_SERVER['REMOTE_ADDR']);
 		unset($_SERVER['HTTP_X_FORWARDED_FOR']);
 		unset($_SERVER['HTTP_X_REAL_IP']);
+		unset($_SERVER['HTTP_CF_CONNECTING_IP']);
 	}
 }