🔒 Rate limit login (#1908)
MrKrisKrisu authored Sep 16, 2023
1 parent 528ac36 commit 32ee703
Showing 1 changed file with 15 additions and 3 deletions.
18 changes: 15 additions & 3 deletions app/Http/Controllers/Auth/LoginController.php
Expand Up @@ -7,8 +7,9 @@
use App\Models\User;
use Carbon\Carbon;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\RedirectResponse;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class LoginController extends Controller
{
Expand All @@ -23,7 +24,7 @@ class LoginController extends Controller
|
*/

use AuthenticatesUsers;
use AuthenticatesUsers, ThrottlesLogins;

/**
* Where to redirect users after login.
Expand All @@ -41,17 +42,24 @@ public function __construct() {
$this->middleware('guest')->except('logout');
}

public function login(Request $request): RedirectResponse {
public function login(Request $request): Response {
$validated = $request->validate([
'login' => ['required', 'max:255'],
'password' => ['required', 'min:8'],
'remember' => ['nullable',],
]);

if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}

if (BackendLoginController::login($validated['login'], $validated['password'], isset($validated['remember']))) {
return redirect()->intended($this->redirectPath());
}

$this->incrementLoginAttempts($request);

return redirect()->route('login')
->withInput()
->withErrors([
Expand All @@ -62,4 +70,8 @@ public function login(Request $request): RedirectResponse {
protected function authenticated(Request $request, User $user): void {
$user->update(['last_login' => Carbon::now()->toIso8601String()]);
}

public function username(): string {
return 'login';
}
}
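Review bot: The success branch in `login()` returns `redirect()->intended($this->redirectPath())` without resetting the throttle counter, so failures recorded by `incrementLoginAttempts()` stay on the key until they decay and a user who has just logged in correctly can still be locked out by a later typo; add `$this->clearLoginAttempts($request);` immediately before that return. As far as I know the `ThrottlesLogins` default key is the lower-cased `login` input combined with the client IP, so the limit applies per login/IP pair only and does not cap one address trying many logins or many addresses trying one account; a route-level `throttle` middleware keyed on IP would be a useful complement. The IP half of the key is only as good as `$request->ip()`, which behind a reverse proxy depends on the trusted-proxy configuration, so that is worth confirming for the deployment. The tail of `login()` (the `withErrors` array) lies outside the visible hunks.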
