[英]Limit login attempts in Laravel 5.7
I have Laravel 5.7 project with custom login.我有带有自定义登录的 Laravel 5.7 项目。 How can I let Laravel accept three login attempts after that redirect for page waiting to 2 or 3 min, etc?
在重定向页面等待 2 或 3 分钟等之后,如何让 Laravel 接受三次登录尝试?
public function loginPost(LoginRequest $request)
{
if (Auth::attempt(array('user_name' => $request->user_name, 'password' => $request->user_pass)))
{
if(Auth::check())
return redirect('/');
else
return back();
}
else
{
return "login faled call administrator";
}
}
u can do by two way
你可以通过两种方式做
add laravel bulit in throttle middleware
in route for example例如,在路由中的
throttle middleware
中添加 Laravel bulit
Route::post("/user/login","LoginController@login")->middleware("throttle:10,2");
it will send 10 request per 2 minute
它将每 2 分钟发送 10 个请求
2.Use Built in Trait ThrottlesLogins
2. 使用内置的
Trait ThrottlesLogins
first of add ThrottlesLogins trait
in loginController and this line in login method首先在 loginController 中添加
ThrottlesLogins trait
,在 login 方法中添加这一行
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if(attempt()) {
$this->clearLoginAttempts($request);
}else {
$this->incrementLoginAttempts($request);
}
if attempt successfully then add this line in attempt method
如果尝试成功,则在尝试方法中添加此行
$this->clearLoginAttempts($request);
else fail login then add this line in else condition
else 登录失败,然后在 else 条件中添加此行
$this->incrementLoginAttempts($request);
open you login controller打开你的登录控制器
App\Http\Controllers\Auth\LoginController.php
and paste it并粘贴它
protected $maxAttempts = 1;
protected $decayMinutes = 1;
you need to use ThrottlesLogins
trait in your controller and then you can controll it via properies maxAttempts
/ decayMinutes
你需要在你的控制器中使用
ThrottlesLogins
trait,然后你可以通过maxAttempts
/ decayMinutes
来控制它
....
class TagController extends Controller
{
use ThrottlesLogins;
protected $maxAttempts = 5;
protected $decayMinutes = 1;
...
Open App\\Http\\Controllers\\Auth\\AuthController.php and add these lines:打开 App\\Http\\Controllers\\Auth\\AuthController.php 并添加以下行:
protected $maxLoginAttempts = 10;
protected $lockoutTime = 120;
For Laravel 8 Developers you don't need to provide a trait or any thing because it is a build-in feature all you have to do is to put the middle ware chaining with the route you want to protect with limit rates like below对于 Laravel 8 开发人员,您不需要提供 trait 或任何东西,因为它是一个内置功能,您所要做的就是将中间件与您想要保护的路线链接起来,限制率如下所示
Route::post("/user/login",[LoginController::class,'login'])->middleware("throttle:10,2");
as same as @Jignesh Joisar explanation与@Jignesh Joisar 解释相同
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.