Limit login attempts in Laravel 5.7
Solution 1
u can do by two way
add laravel bulit in
throttle middleware
in route for exampleRoute::post("/user/login","LoginController@login")->middleware("throttle:10,2");
it will send 10 request per 2 minute
2.Use Built in Trait ThrottlesLogins
first of add ThrottlesLogins trait
in loginController and this line in login method
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if(attempt()) {
$this->clearLoginAttempts($request);
}else {
$this->incrementLoginAttempts($request);
}
if attempt successfully then add this line in attempt method
$this->clearLoginAttempts($request);
else fail login then add this line in else condition
$this->incrementLoginAttempts($request);
Solution 2
open you login controller
App\Http\Controllers\Auth\LoginController.php
and paste it
protected $maxAttempts = 1;
protected $decayMinutes = 1;
Solution 3
For Laravel 8 Developers you don't need to provide a trait or any thing because it is a build-in feature all you have to do is to put the middle ware chaining with the route you want to protect with limit rates like below
Route::post("/user/login",[LoginController::class,'login'])->middleware("throttle:10,2");
as same as @Jignesh Joisar explanation
Awar Pulldozer
Updated on September 03, 2022Comments
-
Awar Pulldozer over 1 year
I have Laravel 5.7 project with custom login. How can I let Laravel accept three login attempts after that redirect for page waiting to 2 or 3 min, etc?
public function loginPost(LoginRequest $request) { if (Auth::attempt(array('user_name' => $request->user_name, 'password' => $request->user_pass))) { if(Auth::check()) return redirect('/'); else return back(); } else { return "login faled call administrator"; } }
-
Marc almost 4 yearsThank you for this!