How to use Login Throttle in Laravel?
Login throttling is a security feature: it blocks a user for some time if they enter the wrong username and password too many times. For example, if you allow 5 login attempts with a wrong password, the 6th attempt is blocked for 1 minute or 5 minutes, whichever you set. This makes our Laravel application more secure.
The Laravel framework provides built-in throttling for login and manages it using the Cache facade. In this post I have included the whole AuthController file so you can follow it easily. Look at the loginPost method to see how it works.
AuthController.php
<?php

namespace App\Http\Controllers\Auth;

use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
use Illuminate\Http\Request;

class AuthController extends Controller
{
    use AuthenticatesAndRegistersUsers, ThrottlesLogins;

    public function loginPost(Request $request)
    {
        // Reject the request early if the form fields are missing or malformed.
        $this->validate($request, [
            'email' => 'required|email',
            'password' => 'required',
        ]);

        /* If the class is using the ThrottlesLogins trait, we can automatically throttle
           the login attempts for this application. We'll key this by the username and
           the IP address of the client making these requests into this application. */
        $throttles = $this->isUsingThrottlesLoginsTrait();

        if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            // Lockout cache key; computed here but not used further in this method.
            $key = $this->getThrottleKey($request).':lockout';

            return $this->sendLockoutResponse($request);
        }

        $credentials = $this->getCredentials($request);
        $input = $request->input();

        if (auth()->attempt(array('email' => $input['email'], 'password' => $input['password']))) {
            return $this->handleUserWasAuthenticated($request, $throttles);
        }

        /* If the login attempt was unsuccessful we will increment the number of attempts
           to login and redirect the user back to the login form. Of course, when this
           user surpasses their maximum number of attempts they will get locked out. */
        if ($throttles && ! $lockedOut) {
            $this->incrementLoginAttempts($request);
        }

        return $this->sendFailedLoginResponse($request);
    }
}
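The counting that loginPost relies on, as an added stand-alone sketch (not Laravel's implementation and not code from the original post): failures are counted per username-plus-IP key, and once the limit is reached the key stays locked until the lockout time has passed. The LoginThrottle class, its method names, the in-memory array standing in for the cache and the sample address are all assumptions made for illustration.

```php
<?php
// Added sketch (PHP 8+). LoginThrottle and its methods are hypothetical names.
final class LoginThrottle
{
    private array $store = []; // stands in for the cache: key => [attempts, expires]

    public function __construct(private int $maxAttempts = 5, private int $lockoutSeconds = 60) {}

    // Key by username plus client IP, as the comment in loginPost describes.
    public function key(string $username, string $ip): string
    {
        return strtolower($username) . '|' . $ip;
    }

    public function tooManyAttempts(string $key, int $now): bool
    {
        $entry = $this->store[$key] ?? null;
        if ($entry === null || $entry['expires'] <= $now) {
            unset($this->store[$key]); // entry expired: the counter starts over
            return false;
        }
        return $entry['attempts'] >= $this->maxAttempts;
    }

    public function recordFailure(string $key, int $now): void
    {
        $entry = $this->store[$key] ?? null;
        if ($entry === null || $entry['expires'] <= $now) {
            $entry = ['attempts' => 0, 'expires' => $now + $this->lockoutSeconds];
        }
        $entry['attempts']++;
        if ($entry['attempts'] >= $this->maxAttempts) {
            $entry['expires'] = $now + $this->lockoutSeconds; // lockout runs from the last failure
        }
        $this->store[$key] = $entry;
    }
}

// Constructed scenario: six wrong passwords from one client, then a check after the lockout.
$throttle = new LoginThrottle(5, 60);
$key = $throttle->key('User@Example.com', '203.0.113.7');
$now = 1000; // fixed clock keeps the run deterministic
for ($try = 1; $try <= 6; $try++) {
    if ($throttle->tooManyAttempts($key, $now)) {
        echo "try $try: locked out\n";
        continue;
    }
    $throttle->recordFailure($key, $now); // the password check failed
    echo "try $try: wrong password, attempt counted\n";
}
echo 'after 61s: ', $throttle->tooManyAttempts($key, $now + 61) ? 'locked out' : 'allowed', "\n";
```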