/**
* Run the login throttling middleware.
*
* We're verifying that the user is not attempting to brute force Cachet's
* login system. If the user has reached the rate limit, then we're sending
* them away, otherwise, we do nothing, and allow them to continue.
*
* Note that this filter is not responsible for incrementing the hit count.
* Another part of Cachet will increment the hit count for the given route
* only if validation passes, and the user did not successfully login.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!Throttle::check($request, 10, 10)) {
return Redirect::back()->with('error', 'You have made too many login requests.');
}
return $next($request);
}
<?php
/*
* This file is part of Bootstrap CMS.
*
* (c) Graham Campbell <*****@*****.**>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
use GrahamCampbell\Throttle\Facades\Throttle;
use Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException;
/*
|--------------------------------------------------------------------------
| Throttling Filters
|--------------------------------------------------------------------------
|
| This is where we check the user is not spamming our system by limiting
| certain types of actions with a throttler.
|
*/
$router->filter('throttle.comment', function ($route, $request) {
// check if we've reached the rate limit, but don't hit the throttle yet
// we can hit the throttle later on in the if validation passes
if (!Throttle::check($request, 10, 1)) {
throw new TooManyRequestsHttpException(60, 'Rate limit exceed.');
}
});
/**
* Run the login throttling filter.
*
* We're verifying that the user is not attempting to brute force Cachet's
* login system. If the user has reached the rate limit, then we're sending
* them away, otherwise, we do nothing, and allow them to continue.
*
* Note that this filter is not responsible for incrementing the hit count.
* Another part of Cachet will increment the hit count for the given route
* only if validation passes, and the user did not successfully login.
*
* @param \Illuminate\Routing\Route $route
* @param \Illuminate\Http\Request $request
*
* @return \Illuminate\Http\Response|null
*/
public function filter(Route $route, Request $request)
{
if (!Throttle::check($request, 10, 10)) {
return Redirect::back()->with('error', 'You have made too many login requests.');
}
}
$router->filter('throttle.activate', function ($route, $request) {
// check if we've reached the rate limit, and hit the throttle
// no validation is required, we should always hit the throttle
if (!Throttle::attempt($request, 10, 10)) {
return Redirect::route('account.login')->withInput()->with('error', 'You have made too many activation requests. Please try again in 10 minutes.');
}
});
$router->filter('throttle.resend', function ($route, $request) {
// check if we've reached the rate limit, but don't hit the throttle yet
// we can hit the throttle later on in the if validation passes
if (!Throttle::check($request, 5, 30)) {
return Redirect::route('account.resend')->withInput()->with('error', 'You have been suspended from resending activation emails. Please contact support.');
}
});
$router->filter('throttle.reset', function ($route, $request) {
// check if we've reached the rate limit, but don't hit the throttle yet
// we can hit the throttle later on in the if validation passes
if (!Throttle::check($request, 5, 30)) {
return Redirect::route('account.reset')->withInput()->with('error', 'You have been suspended from resetting passwords. Please contact support.');
}
});
$router->filter('throttle.register', function ($route, $request) {
// check if we've reached the rate limit, but don't hit the throttle yet
// we can hit the throttle later on in the if validation passes
if (!Throttle::check($request, 5, 30)) {
return Redirect::route('account.register')->withInput()->with('error', 'You have been suspended from registration. Please contact support.');
}
});
$router->filter('localization', function () {
App::setLocale(Route::input('lang'));
});
