Disable turnstile globally, or if redis is selected for storage

maccabeelevine · Dec 16, 2024 · 4a4da10 · 4a4da10
1 parent e300edc
commit 4a4da10
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 5 deletions.
diff --git a/config/vufind/RateLimiter.yaml b/config/vufind/RateLimiter.yaml
@@ -158,6 +158,8 @@ Policies:
 # - storage settings for the result cache
 # And see the required config in contentsecuritypolicy.ini if CSP is used.
 #Turnstile:
+  #enabled: false
+
   # These two keys are required. See also values they can be set to for testing purposes:
   # https://developers.cloudflare.com/turnstile/troubleshooting/testing/
   #siteKey: 0x1234567890

diff --git a/module/VuFind/src/VuFind/RateLimiter/RateLimiterManager.php b/module/VuFind/src/VuFind/RateLimiter/RateLimiterManager.php
@@ -56,6 +56,13 @@ class RateLimiterManager implements LoggerAwareInterface, TranslatorAwareInterfa
     use LoggerAwareTrait;
     use TranslatorAwareTrait;
 
+    /**
+     * Turnstile service
+     *
+     * @var Turnstile
+     */
+    protected $turnstile = null;
+
     /**
      * Current event description for logging
      *
@@ -77,15 +84,13 @@ class RateLimiterManager implements LoggerAwareInterface, TranslatorAwareInterfa
      * @param string         $clientIp                   Client's IP address
      * @param ?int           $userId                     User ID or null if not logged in
      * @param Closure        $rateLimiterFactoryCallback Rate limiter factory callback
-     * @param Turnstile      $turnstile                  Turnstile service
      * @param IpAddressUtils $ipUtils                    IP address utilities
      */
     public function __construct(
         protected array $config,
         protected string $clientIp,
         protected ?int $userId,
         protected Closure $rateLimiterFactoryCallback,
-        protected Turnstile $turnstile,
         protected IpAddressUtils $ipUtils
     ) {
         $this->clientLogDetails = "ip:$clientIp";
@@ -94,6 +99,18 @@ public function __construct(
         }
     }
 
+    /**
+     * Set the turnstile service instance.
+     *
+     * @param Turnstile $turnstile Turnstile service
+     *
+     * @return void
+     */
+    public function setTurnstile(Turnstile $turnstile)
+    {
+        $this->turnstile = $turnstile;
+    }
+
     /**
      * Check if rate limiter is enabled
      *
@@ -152,7 +169,7 @@ public function check(EventInterface $event): array
             if (
                 $limit->isAccepted() &&
                 ($this->config['Policies'][$policyId]['turnstileRateLimiterSettings'] ?? false) &&
-                $this->turnstile->isChallengeAllowed($event)
+                $this->turnstile?->isChallengeAllowed($event)
             ) {
                 $turnstileLimiter = ($this->rateLimiterFactoryCallback)(
                     $this->config,

diff --git a/module/VuFind/src/VuFind/RateLimiter/RateLimiterManagerFactory.php b/module/VuFind/src/VuFind/RateLimiter/RateLimiterManagerFactory.php
@@ -87,14 +87,23 @@ public function __invoke(
         $authManager = $container->get(\VuFind\Auth\Manager::class);
         $request = $container->get('Request');
 
-        return new $requestedName(
+        $rateLimiterManager = new $requestedName(
             $config,
             $request->getServer('REMOTE_ADDR'),
             $authManager->getUserObject()?->getId(),
             Closure::fromCallable([$this, 'getRateLimiter']),
-            $container->get(\VuFind\RateLimiter\Turnstile\Turnstile::class),
             $container->get(\VuFind\Net\IpAddressUtils::class)
         );
+
+        if (
+            ($config['Turnstile']['enabled'] ?? false)
+            && (strtolower($config['Storage']['adapter']) != 'redis')
+        ) {
+            $turnstile = $container->get(\VuFind\RateLimiter\Turnstile\Turnstile::class);
+            $rateLimiterManager->setTurnstile($turnstile);
+        }
+
+        return $rateLimiterManager;
     }
 
     /**