From 12f2b39ccd37433e2ef4cfd08c178bd59634226c Mon Sep 17 00:00:00 2001
From: Charles
Date: Mon, 15 Dec 2025 14:16:14 +0100
Subject: [PATCH] added rate limiter for log in
---
 .idea/Easy_solution.iml | 1 +
 .idea/php.xml | 1 +
 composer.json | 1 +
 composer.lock | 76 +++++++++++++++++++++++++++++++-
 config/packages/security.yaml | 3 ++
 config/packages/translation.yaml | 2 +-
 translations/security.fr.yaml | 1 +
 7 files changed, 83 insertions(+), 2 deletions(-)
 create mode 100644 translations/security.fr.yaml
diff --git a/.idea/Easy_solution.iml b/.idea/Easy_solution.iml
index c9acc92..5c18800 100644
--- a/.idea/Easy_solution.iml
+++ b/.idea/Easy_solution.iml
@@ -18,6 +18,7 @@ +
diff --git a/.idea/php.xml b/.idea/php.xml
index 69a5912..26549ad 100644
--- a/.idea/php.xml
+++ b/.idea/php.xml
@@ -180,6 +180,7 @@ +
diff --git a/composer.json b/composer.json
index 2d80707..20e0ac9 100644
--- a/composer.json
+++ b/composer.json
@@ -39,6 +39,7 @@
 "symfony/process": "7.2.*",
 "symfony/property-access": "7.2.*",
 "symfony/property-info": "7.2.*",
+ "symfony/rate-limiter": "7.2.*",
 "symfony/runtime": "7.2.*",
 "symfony/security-bundle": "7.2.*",
 "symfony/serializer": "7.2.*",
diff --git a/composer.lock b/composer.lock
index dfb1b38..8611449 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "1b2e89b80b579953618c7e61c6b76560", + "content-hash": "00e62b0a959e7b09d4b1fdb7e0501549", "packages": [ { "name": "aws/aws-crt-php",
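Review bot: In composer.json, the added `"symfony/rate-limiter": "7.2.*"` constraint ties the new login-throttling component to the 7.2 branch, which I believe stopped receiving fixes in mid-2025 (the locked v7.2.9 is dated 2025-07-10, while this commit is from December 2025). The line follows the file's existing constraints, so this is a project-wide point rather than a flaw in this one line, but a security control added now would get no patches on that branch. Consider moving the Symfony packages together to a maintained branch in a follow-up change.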
@@ -7684,6 +7684,80 @@ ], "time": "2024-09-26T08:57:56+00:00" }, + { + "name": "symfony/rate-limiter", + "version": "v7.2.9", + "source": { + "type": "git", + "url": "https://github.com/symfony/rate-limiter.git", + "reference": "daae5da398aca84809aa6088371314a9cb88b42e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/rate-limiter/zipball/daae5da398aca84809aa6088371314a9cb88b42e", + "reference": "daae5da398aca84809aa6088371314a9cb88b42e", + "shasum": "" + }, + "require": { + "php": ">=8.2", + "symfony/options-resolver": "^6.4|^7.0" + }, + "require-dev": { + "psr/cache": "^1.0|^2.0|^3.0", + "symfony/lock": "^6.4|^7.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\RateLimiter\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Wouter de Jong", + "email": "wouter@wouterj.nl" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides a Token Bucket implementation to rate limit input and output in your application", + "homepage": "https://symfony.com", + "keywords": [ + "limiter", + "rate-limiter" + ], + "support": { + "source": "https://github.com/symfony/rate-limiter/tree/v7.2.9" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2025-07-10T08:29:33+00:00" + }, { "name": "symfony/routing", "version": "v7.2.9",
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 18e4e11..58afd30 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -42,6 +42,9 @@ security:
 user_checker: App\Security\UserChecker
 lazy: true
 provider: app_user_provider
+ login_throttling:
+ max_attempts: 3
+ interval: '1 minute'
 form_login:
 login_path: app_login
 check_path: app_login
diff --git a/config/packages/translation.yaml b/config/packages/translation.yaml
index b3f8f9c..0af682d 100644
--- a/config/packages/translation.yaml
+++ b/config/packages/translation.yaml
@@ -1,5 +1,5 @@
 framework:
- default_locale: en
+ default_locale: fr
 translator:
 default_path: '%kernel.project_dir%/translations'
 fallbacks:
diff --git a/translations/security.fr.yaml b/translations/security.fr.yaml
new file mode 100644
index 0000000..2645ca3
--- /dev/null
+++ b/translations/security.fr.yaml
@@ -0,0 +1 @@
+"Too many failed login attempts, please try again later.": "Trop de tentatives de connexion. Veuillez réessayer plus tard."
\ No newline at end of file
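Review bot: In config/packages/security.yaml, the new `login_throttling` block keeps a one-minute window, so a client that paces itself still gets three guesses per minute against an account indefinitely; a longer window such as `interval: '15 minutes'` bounds slow guessing much better. As far as I know the default Symfony limiter counts failures per username plus client IP (with a looser per-IP cap), so it only behaves as intended when the application sees the real client address. No trusted-proxy configuration is visible in this patch, which should be confirmed if the app sits behind a reverse proxy or load balancer. A short comment above the block, e.g. `# throttle failed logins (counted per username + client IP)`, would record the intent. The firewall definition starts and ends outside the hunk.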