How to use Laravel Throttle

What ind of cache driver do you use? I'm using redis and it works fine, I set up my filter directly in the controller.

public function __construct (Guard $auth)
    {

        $this->auth = $auth;


        $this->middleware('admin.guest', ['except' => 'getLogout']);

        $this->beforeFilter('throttle:5,1', ['only' =>
                                                 ['postLogin']]);
    }

thats what my auth controller looks like. and it works like expected. after the 5 times hitting the route with wrong credetials i get an "Rate limit exceed." error instead of the "These credentials do not match our records." error.

Hi Alex, thanks for the reply! I am using the memcached cache driver. I just did this in my .env file:

CACHE_DRIVER=memcached

So I tried adding this to AuthController.php, and still nothing would stop me from trying to login many times with the wrong password:

$this->beforeFilter('throttle:2,1', ['only' => ['postLogin']]);

I suppose it could be something really basic I am not doing. I'm quite new to Laravel. My PHP is ok but I'm not so familiar with object-oriented PHP yet so I find it hard to read and understand Laravel's code.

Hi @JennySwift, did you ever figure this out? Would love to hear your reply since I'm attempting the same thing.

@clin407 Laravel 5.1.4 added simple login throttling, you might wanna check it out :)

http://laravel.com/docs/5.1/authentication#authentication-throttling

Awesome, thanks @TheHamsterOfGod :)

Hi @clin407, sorry for the late reply. I only just noticed your comment.

I didn't, but @foxted helped me get it working :).

routes.php:

Route::group(['prefix' => 'auth', 'namespace' => 'Auth'], function(){

    Route::group(['middleware' => 'guest'], function(){
        // Login
        Route::get('login', ['as' => 'auth.login', 'uses' => 'AuthController@getLogin']);
        Route::post('login', ['as' => 'auth.login.store', 'before' => 'throttle:2,60', 'uses' => 'AuthController@postLogin']);

        // Register
        Route::get('register', ['as' => 'auth.register', 'uses' => 'AuthController@getRegister']);
        Route::post('register', ['as' => 'auth.register.store', 'uses' => 'AuthController@postRegister']);
    });

    Route::group(['middleware' => 'auth'], function(){
        // Logout
        Route::get('logout', ['as' => 'auth.logout', 'uses' => 'AuthController@getLogout']);
    });

});

Route::controllers([
    'password' => 'Auth\PasswordController',
]);

app/Exceptions/Handler.php:

use Exception, Redirect;
use Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException;

public function render($request, Exception $e)
    {
        if ($e instanceof TooManyRequestsHttpException)
           {
               return Redirect::back()
                    ->withInput($request->only('email', 'remember'))
                    ->withErrors([
                        'email' => 'Too many failed login attempts!',
                ]);
           }

           return parent::render($request, $e);
    }

@JennySwift did you find any solution because i have got same problem if you have could you share with me thanks

@mkaya Please see my last comment. That is the code that worked for me. Or, as @TheHamsterOfGod pointed out, you could try this.

While using the instructions out of the box described on https://github.com/GrahamCampbell/Laravel-Throttle I found the following route to work for me straight away, whereas I ran into non-response using the route setup described on the git readme.

Route::group(['middleware' => 'throttle:3,1'], function() {
        Route::get('/', function() {
                return 'All good';
        });
});

Route::middleware('auth:api', 'throttle:60,1')->group(function () {
Route::get('/user', function () {
//
});
});

for more information i suggest you to try this article steps

https://www.cloudways.com/blog/laravel-and-api-rate-limiting/