Disallow API access to banned users

lmao??

VKAPI/Handlers/VKAPIRequestHandler.php

@@ -1,7 +1,9 @@
 <?php declare(strict_types=1);
 namespace openvk\VKAPI\Handlers;
 use openvk\VKAPI\Exceptions\APIErrorException;
+use openvk\Web\Models\Entities\IP;
 use openvk\Web\Models\Entities\User;
+use openvk\Web\Models\Repositories\IPs;
 
 abstract class VKAPIRequestHandler
 {
@@ -39,4 +41,19 @@ abstract class VKAPIRequestHandler
         if(!$this->userAuthorized())
             $this->fail(5, "User authorization failed: no access_token passed.");
     }
+    
+    protected function willExecuteWriteAction(): void
+    {
+        $ip  = (new IPs)->get(CONNECTING_IP);
+        $res = $ip->rateLimit();
+    
+        if(!($res === IP::RL_RESET || $res === IP::RL_CANEXEC)) {
+            if($res === IP::RL_BANNED && OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["rateLimits"]["autoban"]) {
+                $this->user->ban("User account has been suspended for breaking API terms of service", false);
+                $this->fail(18, "User account has been suspended due to repeated violation of API rate limits.");
+            }
+            
+            $this->fail(29, "You have been rate limited.");
+        }
+    }
 }

Web/Presenters/VKAPIPresenter.php

@@ -204,6 +204,9 @@ final class VKAPIPresenter extends OpenVKPresenter
             }
         }
         
+        if(!is_null($identity) && $identity->isBanned())
+            $this->fail(18, "User account is deactivated", $object, $method);
+        
         $object       = ucfirst(strtolower($object));
         $handlerClass = "openvk\\VKAPI\\Handlers\\$object";
         if(!class_exists($handlerClass))