[10.x] Add shouldHashKeys to ThrottleRequests middleware (#47368)

* Add shouldHashKeys to be able to set throttle store key names

* set shouldHashKeys default to true

* Styleci adjustments

* formatting

* formatting

* remove type

* formatting

---------

Co-authored-by: Taylor Otwell <[email protected]>

Author: fosron

src/Illuminate/Routing/Middleware/ThrottleRequests.php

@@ -23,6 +23,13 @@ class ThrottleRequests
      */
     protected $limiter;
 
+    /**
+     * Indicates if the rate limiter keys should be hashed.
+     *
+     * @var bool
+     */
+    protected static $shouldHashKeys = true;
+
     /**
      * Create a new request throttler.
      *
@@ -120,7 +127,7 @@ protected function handleRequestUsingNamedLimiter($request, Closure $next, $limi
             $next,
             collect(Arr::wrap($limiterResponse))->map(function ($limit) use ($limiterName) {
                 return (object) [
-                    'key' => md5($limiterName.$limit->key),
+                    'key' => self::$shouldHashKeys ? md5($limiterName.$limit->key) : $limiterName.':'.$limit->key,
                     'maxAttempts' => $limit->maxAttempts,
                     'decayMinutes' => $limit->decayMinutes,
                     'responseCallback' => $limit->responseCallback,
@@ -193,9 +200,9 @@ protected function resolveMaxAttempts($request, $maxAttempts)
     protected function resolveRequestSignature($request)
     {
         if ($user = $request->user()) {
-            return sha1($user->getAuthIdentifier());
+            return $this->formatIdentifier($user->getAuthIdentifier());
         } elseif ($route = $request->route()) {
-            return sha1($route->getDomain().'|'.$request->ip());
+            return $this->formatIdentifier($route->getDomain().'|'.$request->ip());
         }
 
         throw new RuntimeException('Unable to generate the request signature. Route unavailable.');
@@ -299,4 +306,26 @@ protected function calculateRemainingAttempts($key, $maxAttempts, $retryAfter =
     {
         return is_null($retryAfter) ? $this->limiter->retriesLeft($key, $maxAttempts) : 0;
     }
+
+    /**
+     * Format the given identifier based on the configured hashing settings.
+     *
+     * @param  string  $value
+     * @return string
+     */
+    private function formatIdentifier($value)
+    {
+        return self::$shouldHashKeys ? sha1($value) : $value;
+    }
+
+    /**
+     * Specify whether rate limiter keys should be hashed.
+     *
+     * @param  bool  $shouldHashKeys
+     * @return void
+     */
+    public static function shouldHashKeys(bool $shouldHashKeys = true)
+    {
+        self::$shouldHashKeys = $shouldHashKeys;
+    }
 }