2e5cd499b9
Add missing files from P1-040/P1-041 implementation: - CheckoutRateLimitException for 429 responses when rate limit exceeded - FraudAssessment data object for fraud scoring results - FraudService for velocity checks and Stripe Radar integration - Register services in Boot.php - Add fraud detection configuration in config.php - Add CouponServiceTest for input sanitisation The CheckoutRateLimiter (already tracked) is now properly integrated with the exception handling, and the FraudService provides defence-in-depth with velocity-based and geo-anomaly detection. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
44 lines
1 KiB
PHP
44 lines
1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Core\Mod\Commerce\Exceptions;
|
|
|
|
use Exception;
|
|
|
|
/**
|
|
* Exception thrown when checkout rate limit is exceeded.
|
|
*
|
|
* Prevents card testing attacks by limiting checkout session creation.
|
|
*/
|
|
class CheckoutRateLimitException extends Exception
|
|
{
|
|
/**
|
|
* Create a new checkout rate limit exception.
|
|
*
|
|
* @param string $message The error message
|
|
* @param int $retryAfter Seconds until rate limit resets
|
|
*/
|
|
public function __construct(
|
|
string $message = 'Too many checkout attempts. Please wait before trying again.',
|
|
protected int $retryAfter = 0
|
|
) {
|
|
parent::__construct($message);
|
|
}
|
|
|
|
/**
|
|
* Get the number of seconds until the rate limit resets.
|
|
*/
|
|
public function getRetryAfter(): int
|
|
{
|
|
return $this->retryAfter;
|
|
}
|
|
|
|
/**
|
|
* Get the number of minutes until the rate limit resets (rounded up).
|
|
*/
|
|
public function getRetryAfterMinutes(): int
|
|
{
|
|
return (int) ceil($this->retryAfter / 60);
|
|
}
|
|
}
|