In Laravel 5.5, currently five login attempts blocks user for 1 minute by default. I want to design such a system like:
- After first 3 failed login attempt, block user for 2 minutes
- After that, for the next 2 failed login attempt(that is total 5th time), block user for 5 minutes.
I have edited ThrottlesLogins.php file like:
public function maxAttempts()
{
return property_exists($this, 'maxAttempts') ? $this->maxAttempts : 2;
}
public function decayMinutes()
{
return property_exists($this, 'decayMinutes') ? $this->decayMinutes : 2;
}
And then in my LoginController.php file:
public function adminLogin(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required|min:6'
]);
$key = $this->throttleKey($request);
$rateLimiter = $this->limiter();
//check if the user has too many login attempts.
if ($this->hasTooManyLoginAttempts($request)){
$attempts = $rateLimiter->attempts($key);
$rateLimiter->clear($key);
if($attempts === 5){
$this->decayMinutes = 5;
}
for ($i = 0; $i < $attempts; $i++) {
$this->incrementLoginAttempts($request);
}
$this->fireLockoutEvent($request); //Fire the lockout event.
return $this->sendLockoutResponse($request); //redirect the user back after lockout.
}
if (Auth::guard('admin')->attempt(['email' => $request->email, 'password' => $request->password],
$request->get('remember'))) {
return redirect()->intended('/admin');
}
//keep track of login attempts from the user.
$this->incrementLoginAttempts($request);
return back()->withInput($request->only('email', 'remember'));
}
I have already followed this: Stack Overflow
But it does not solve my problem. How can i achieve such system ? Any help ?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire