How to use Login Throttle in Laravel?
login throttle is for security purpose, throttle will help to block user for sometime if he write wrong username and password many times. Like, if you want to give 5 try to login with wrong password but if he will 6 try then it will block for 1 minute or 5minutes as we set. So, it will very secure for our laravel application.
Laravel framework provide inbuild throttling for login. Laravel manage throttle using cache facade. In this post i added whole AuthController file code that way you can understand very well. you can see loginPost method and understand how it works.
AuthController.php
namespace App\Http\Controllers\Auth;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
use Illuminate\Http\Request;
class AuthController extends Controller
{
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
public function loginPost(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required',
]);
/*If the class is using the ThrottlesLogins trait, we can automatically throttle
the login attempts for this application. We'll key this by the username and
the IP address of the client making these requests into this application.*/
$throttles = $this->isUsingThrottlesLoginsTrait();
if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
$key = $this->getThrottleKey($request).':lockout';
return $this->sendLockoutResponse($request);
}
$credentials = $this->getCredentials($request);
$input = $request->input();
if (auth()->attempt(array('email' => $input['email'], 'password' => $input['password'])))
{
return $this->handleUserWasAuthenticated($request, $throttles);
}
/*If the login attempt was unsuccessful we will increment the number of attempts
to login and redirect the user back to the login form. Of course, when this
user surpasses their maximum number of attempts they will get locked out.*/
if ($throttles && ! $lockedOut) {
$this->incrementLoginAttempts($request);
}
return $this->sendFailedLoginResponse($request);
}
}
Hardik Savani
I'm a full-stack developer, entrepreneur and owner of ItSolutionstuff.com. I live in India and I love to write tutorials and tips that can help to other artisan. I am a big fan of PHP, Laravel, Angular, Vue, Node, Javascript, JQuery, Codeigniter and Bootstrap from the early stage. I believe in Hardworking and Consistency.
We are Recommending you
- Laravel Google 2FA Authentication Tutorial Example
- How to Convert JSON to Array in Laravel?
- Laravel Contact Form Send Email Tutorial
- Laravel Send an Email on Error Exceptions Tutorial
- How to Add Google Map in Laravel?
- How to integrate TinyMCE Editor in Laravel?
- Laravel 9 Socialite Login with Github Account Example
- Laravel 9 REST API with Passport Authentication Tutorial
- Laravel 9 Bootstrap Auth Scaffolding Tutorial
- Laravel Login with Linkedin using Socialite Package
- Laravel Login with Google Account Tutorial
- How to Get Query Log in Laravel Eloquent?