欢迎各位兄弟 发布技术文章

这里的技术是共享的

You are here

首页

Laravel 5.3 Throttle Login

星期五, 2017-06-02 17:23 — adminshiping1

Laravel 5.3 Throttle Login

I have notice that Throttles in Laravel 5.3 are different then 5.2 while I was trying to write my own login function. So I tried to copy this from the default script because I couldn't find a good documentation about the new way.

The only thing thing that I can't find out is how to set the maximum attempts and time banned.

This is what I got so far: http://laravel.io/bin/l5eJ3

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\User;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Auth, Mail, Hash;

class AuthController extends Controller
{
    use ThrottlesLogins;

    public function getLogin(){
        return view('login');
    }

    public function postLogin(Request $request){
        $this->validate($request, [
          'email' => 'required',
          'password' => 'required',
          ]);

        if ($this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return redirect()->route('login')->with('alert-warning', 'Too many login attempts');
        }


        $user = User::where('email', '=', $request->email)
        if($user->count() < 1){
            $this->incrementLoginAttempts($request);

            return redirect()->route('login')->with('alert-warning', 'Failed to login'); 
        }
        else if($user->first()->hidden == 1){
            $this->incrementLoginAttempts($request);

            return redirect()->route('login')->with('alert-warning', 'Account suspended');
        }
        else{
            if (Auth::attempt(['email' => $request->email, 'password' => $request->password], $request->remember)) {
                // clear login attempts
                $this->clearLoginAttempts($request);
                //redirect
                return redirect()->route('dashboard');
            }
            else{
                $this->incrementLoginAttempts($request);

                return redirect()->route('login')->with('alert-warning', 'Failed to login');
            }
        }
    }

    /**
     * Get the login username to be used by the controller.
     *
     * @return string
     */
    public function username()
    {
        return 'email';
    }
}
thepascalboy
thepascalboy
  • 5 months ago
mul14
mul14

If you use default login feature, just add this method to your App\User

protected function hasTooManyLoginAttempts(Request $request)
{
    $maxLoginAttempts = 3;

    $lockoutTime = 1; // In minutes

    return $this->limiter()->tooManyAttempts(
        $this->throttleKey($request), $maxLoginAttempts, $lockoutTime
    );
}

Reference: https://mul14.wordpress.com/2016/12/25/mengatur-maximum-login-di-laravel-5-3/

Ayman
Ayman

mul14 said:

If you use default login feature, just add this method to your App\User

protected function hasTooManyLoginAttempts(Request $request)
{
   $maxLoginAttempts = 3;

   $lockoutTime = 1; // In minutes

   return $this->limiter()->tooManyAttempts(
       $this->throttleKey($request), $maxLoginAttempts, $lockoutTime
   );
}

Reference: https://mul14.wordpress.com/2016/12/25/mengatur-maximum-login-di-laravel-5-3/

You have to add this method to Auth\LoginController.php in Laravel 5.3


普通分类: 
laravel
Powered by Drupal

友情链接

校园好文网

 www.shipingzhong.cn  个人技术网_前端_后台    备案号:苏ICP备18010659号-2