/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param int $maxAttempts * @param int $decayMinutes * @return mixed */ public function handle($request, Closure $next, $maxAttempts = 60, $decayMinutes = 1) { $key = $this->resolveRequestSignature($request); if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decayMinutes)) { return new Response('Too Many Attempts.', 429, ['Retry-After' => $this->limiter->availableIn($key), 'X-RateLimit-Limit' => $maxAttempts, 'X-RateLimit-Remaining' => 0]); } $this->limiter->hit($key, $decayMinutes); return $next($request)->withHeaders(['X-RateLimit-Limit' => $maxAttempts, 'X-RateLimit-Remaining' => $maxAttempts - $this->limiter->attempts($key) + 1]); }
/** * Create a 'too many attempts' response. * * @param string $key * @param int $maxAttempts * @return \Symfony\Component\HttpFoundation\Response */ protected function buildResponse($key, $maxAttempts) { $response = new Response('Too Many Attempts.', 429); $retryAfter = $this->limiter->availableIn($key); return $this->addHeaders($response, $maxAttempts, $this->calculateRemainingAttempts($key, $maxAttempts, $retryAfter), $retryAfter); }
/** * Get total seconds before doing another login attempts for the user. * * @return int */ public function getSecondsBeforeNextAttempts() { return (int) $this->cacheLimiter->availableIn($this->getUniqueLoginKey()); }