/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param int $maxAttempts
* @param int $decayMinutes
* @return mixed
*/
public function handle($request, Closure $next, $maxAttempts = 60, $decayMinutes = 1)
{
$key = $this->resolveRequestSignature($request);
if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decayMinutes)) {
return new Response('Too Many Attempts.', 429, ['Retry-After' => $this->limiter->availableIn($key), 'X-RateLimit-Limit' => $maxAttempts, 'X-RateLimit-Remaining' => 0]);
}
$this->limiter->hit($key, $decayMinutes);
return $next($request)->withHeaders(['X-RateLimit-Limit' => $maxAttempts, 'X-RateLimit-Remaining' => $maxAttempts - $this->limiter->attempts($key) + 1]);
}
/**
* Create a 'too many attempts' response.
*
* @param string $key
* @param int $maxAttempts
* @return \Symfony\Component\HttpFoundation\Response
*/
protected function buildResponse($key, $maxAttempts)
{
$response = new Response('Too Many Attempts.', 429);
$retryAfter = $this->limiter->availableIn($key);
return $this->addHeaders($response, $maxAttempts, $this->calculateRemainingAttempts($key, $maxAttempts, $retryAfter), $retryAfter);
}
/**
* Get total seconds before doing another login attempts for the user.
*
* @return int
*/
public function getSecondsBeforeNextAttempts()
{
return (int) $this->cacheLimiter->availableIn($this->getUniqueLoginKey());
}
