Rate limiter not working properly.

@Tray2 thats what ive done before

@Tray2 heres that code.

$executed = RateLimiter::attempt(
            $key,
            $limit,
            function () use ($request) {
            if ($request->message != Auth::user()->latestStatus) {
                // Logging
                $status = new Status;
                $status->creator_id = Auth::id();
                $status->message = $request->message;
                $status->save();

              
                $user = User::find(Auth::id());
                $user->status = $request->message;
                $user->save();
                return response()->json(
                    [
                        'message' => 'Your status has been changed.',
                        'type' => 'success'
                    ]
                );
            }

        }, 60);

@Snapey I apologise for the confusion, basically when I make a request, the key is not incremented. So when I make the 5 requests needed, it doesn't block the request. I've tried incrementing before the status function is ran but it doesn't work as well.

bump

bump

bump

@benridev exactly

@benridev I dont know what im doing wrong at this point. Do I have to define the rate limit in the app service provider?

i also have a login rate limiter and that doesn't work as well. so its not just this code.

public function LoginVal(Request $request): RedirectResponse
    {

        $credentials = $request->validate([
            'username' => 'required',
            'password' => 'required',
        ]);

        $this->ensureIsNotRateLimited($request);

        $user = User::where('username', $credentials['username'])->where('password', '!=', '')->first();

        if (!Auth::attempt(['username' => $credentials['username'], 'password' => $credentials['password']], $remember = true)) {
            // Authentication failed
            RateLimiter::hit($this->throttleKey($request));
            if ($this->limiter()->attempts($this->throttleKey($request)) == '5') {
                if (!Cache::has("{$this->throttleKey($request)}_mins"))
                    Cache::put("{$this->throttleKey($request)}_mins", 2, now()->addMinutes(30));
                else
                    Cache::increment("{$this->throttleKey($request)}_mins");
            }

            throw ValidationException::withMessages([
                'password' => __('auth.failed'),
            ]);
        } else {
            // Authentication passed
            RateLimiter::clear($this->throttleKey($request));
            if (Hash::needsRehash($user->password)) {
                $user->password = Hash::make($request->password);
                $user->save();
            }

            return redirect()->route('my.dashboard.page');
        };
    }

@benridev well i think i figured this out. https://stackoverflow.com/questions/33268683/how-to-get-client-ip-address-in-laravel-5/41769505#41769505

now the question is how do i extend Illuminate\Http\Request to implement this method for the load balancer,

"To fix this:

Illuminate\Http\Request.php

    public function ip()
    {
        //return $this->getClientIp(); //original method
        return $this->getIp(); // the above method
    }
```"

@azbx if you are behind a load balancer then the IP address won't be of much use. The original IP might be in one of the headers.

See also https://laravel.com/docs/11.x/requests#configuring-trusted-proxies

@Snapey got it

bump

@Snapey LOL