
aweb's avatar
Level 4

How to add a rate limit to Resend Verification Email on the email/verify page for Laravel Jetstream

In Laravel Jetstream, when email verification is enabled and someone has registered, any account management page will redirect to the /email/verify page to inform the user to verify their email address.

My issue is that the Resend Verification Email button on the page can be clicked without any restrictions. Imagine one boring person registered and clicked the button again and again; then the same email is sent out again and again.

Thanks a lot to anyone who could help to fix this.

1 like
7 replies
rodrigo.pedra's avatar
Level 56

Create a rate limiter on your AppServiceProvider and add a middleware to the controller:

<?php

namespace App\Providers;

use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\ServiceProvider;
use Laravel\Fortify\Http\Controllers\EmailVerificationNotificationController;

class AppServiceProvider extends ServiceProvider
{
    public function register()
    {
        $this->app->afterResolving(EmailVerificationNotificationController::class, function ($controller) {
            // use the name you set for your rate limiter below
            $controller->middleware('throttle:verification');
        });
    }

    public function boot()
    {
        // choose the name you want for your rate limiter
        RateLimiter::for('verification', function (Request $request) {
            return Limit::perMinute(3)->by($request->ip());
        });
    }
}

Note that I used a blank AppServiceProvider to illustrate what you need to do. If you already have any additional code in your AppServiceProvider, keep it.

1 like
FHoulbreque's avatar

@rodrigo.pedra Just wondering how I may intercept the 429 response to pass it as a flash to the reloading page, so I can put the answer in a toast alert...

Or I'll just make another livewire component as I did for every other option until now.
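
An added example, not part of the thread and not Laravel's or Fortify's own code: a variant of the `verification` limiter from rodrigo.pedra's answer that throttles per account as well as per IP and, for the 429 question above, returns a redirect with a flash message instead of the default error page. The limits (3 and 10 per minute), the `throttled` session key and the message text are assumptions, and PHP 8 is assumed for `?->`.

```php
<?php

namespace App\Providers;

use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
{
    // register() with the afterResolving() hook from the answer above stays unchanged.

    public function boot()
    {
        RateLimiter::for('verification', function (Request $request) {
            // Called by the throttle middleware when either limit below is hit,
            // in place of the default 429 error page.
            $tooMany = function (Request $request, array $headers) {
                // Retry-After (seconds) is among the headers the middleware passes in.
                $seconds = (int) ($headers['Retry-After'] ?? 60);

                if ($request->expectsJson()) {
                    return response()->json(['message' => 'Too many requests.'], 429, $headers);
                }

                // Assumed flash key: read session('throttled') in the view for the toast.
                return back()->with(
                    'throttled',
                    "Please wait {$seconds} seconds before requesting another email."
                );
            };

            // Distinct prefixes keep the two counters from sharing a cache key.
            $account = 'user:'.($request->user()?->getAuthIdentifier() ?? 'guest');

            return [
                // Per account: follows the user across networks and devices.
                Limit::perMinute(3)->by($account)->response($tooMany),
                // Per address: caps many accounts registered from one client.
                Limit::perMinute(10)->by('ip:'.$request->ip())->response($tooMany),
            ];
        });
    }
}
```

Keying only on `$request->ip()` lets one account reset its counter by changing networks, and behind a proxy or load balancer every user shares one counter unless trusted proxies are configured so that `ip()` returns the client address.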

davexpression's avatar

Laravel Breeze already has this.

In routes/auth.php you have

Route::get('verify-email/{id}/{hash}', VerifyEmailController::class)
    ->middleware(['signed', 'throttle:6,1'])
    ->name('verification.verify');

Here's what throttle:6,1 means:

6: It represents the maximum number of attempts allowed within the specified timeframe.

1: It represents the number of minutes for which the user is throttled after reaching the maximum attempts.
