Automattic\WooCommerce\StoreApi
Authentication::apply_rate_limiting()
Applies Rate Limiting to the request, and passes through any errors from other authentication methods used before this one.
Method of the class: Authentication{}
Hooks from the method
Return
\WP_Error|null|true|false
.
Usage
// protected - for code of main (parent) or child class $result = $this->apply_rate_limiting( $result );
- $result(\WP_Error|mixed) (required)
- Error from another authentication handler, null if we should handle it, or another value if not.
Authentication::apply_rate_limiting() Authentication::apply rate limiting code WC 9.6.0
protected function apply_rate_limiting( $result ) { $rate_limiting_options = RateLimits::get_options(); if ( $rate_limiting_options->enabled ) { $action_id = 'store_api_request_'; if ( is_user_logged_in() ) { $action_id .= get_current_user_id(); } else { $ip_address = self::get_ip_address( $rate_limiting_options->proxy_support ); $action_id .= md5( $ip_address ); } $retry = RateLimits::is_exceeded_retry_after( $action_id ); $server = rest_get_server(); $server->send_header( 'RateLimit-Limit', $rate_limiting_options->limit ); if ( false !== $retry ) { $server->send_header( 'RateLimit-Retry-After', $retry ); $server->send_header( 'RateLimit-Remaining', 0 ); $server->send_header( 'RateLimit-Reset', time() + $retry ); $ip_address = $ip_address ?? self::get_ip_address( $rate_limiting_options->proxy_support ); /** * Fires when the rate limit is exceeded. * * @since 8.9.0 * * @param string $ip_address The IP address of the request. */ do_action( 'woocommerce_store_api_rate_limit_exceeded', $ip_address ); return new \WP_Error( 'rate_limit_exceeded', sprintf( 'Too many requests. Please wait %d seconds before trying again.', $retry ), array( 'status' => 400 ) ); } $rate_limit = RateLimits::update_rate_limit( $action_id ); $server->send_header( 'RateLimit-Remaining', $rate_limit->remaining ); $server->send_header( 'RateLimit-Reset', $rate_limit->reset ); } return $result; }