Laravel Framework Tutorials PHP & MySQL
When using a custom login controller by default it won't have the login throttling applied.
Login throttling will stop a user attempting to login repeatedly after a set number of login attempts has been made. When locked out no login's will be allowed until a set amount of time has passed.
To add this create a hasTooManyLoginAttempts method to your controller, inside the method set the number of login attempts allowed and the number of minutes a lockout will last for, in this example, 5 attempts are allowed if exceeded a lockout will happen for 10 minutes.
/**
* Determine if the user has too many failed login attempts.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function hasTooManyLoginAttempts(Request $request)
{
$attempts = 5;
$lockoutMinites = 10;
return $this->limiter()->tooManyAttempts(
$this->throttleKey($request), $attempts, $lockoutMinites
);
}
This method will get used as long as your login method called it like this:
public function login(Request $request)
{
$this->validateLogin($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if ($this->attemptLogin($request)) {
return $this->sendLoginResponse($request);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
Subscribe to my newsletter for the latest updates on my books and digital products.
Find posts, tutorials, and resources quickly.
Subscribe to my newsletter for the latest updates on my books and digital products.
