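/**
 * Handle a login request and answer with a JSON status payload.
 *
 * Flow, as implemented below:
 *  - look the account up by the submitted identifier;
 *  - count the attempt against a per-account, per-client-IP key;
 *  - once that key is over $maxAttempts, require a valid image captcha
 *    before the password is checked at all;
 *  - on success clear the counter and return the post-login location.
 *
 * Review notes (left unchanged because clients may depend on the payload):
 *  - The "unknown user" and "wrong password" answers differ, and the unknown
 *    branch is not throttled, so the response reveals whether an identifier
 *    is registered. A uniform failure message plus an identifier/IP-level
 *    throttle would close that.
 *  - The throttle key includes the client IP, so failures against one account
 *    arriving from different addresses are counted separately.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  RateLimiter  $rateLimiter  attempt counter / lockout store
 * @param  ImageCaptcha  $imageCaptcha  captcha verifier consulted once the limit is reached
 * @return \Illuminate\Http\JsonResponse
 */
public function postLogin(Request $request, RateLimiter $rateLimiter, ImageCaptcha $imageCaptcha)
{
    $maxAttempts = 3;
    $decayMinutes = 4 * 60;

    // Request input may be absent or array-shaped (identifier[]=...); only a
    // string is a usable identifier, and e() below expects one.
    $identifier = $request->input('identifier');
    if (!is_string($identifier)) {
        $identifier = '';
    }

    $user = User::getUserByIdentifier($identifier);

    if (!$user) {
        return response()->json([
            'status' => false,
            'message' => '系统无法找到您登陆的用户 ' . e($identifier),
            'field' => 'identifier',
            'attempts' => $maxAttempts,
        ]);
    }

    $key = 'user_id_' . $user->id . ':' . $request->ip();

    if ($rateLimiter->tooManyAttempts($key, $maxAttempts, $decayMinutes)) {
        // Over the limit: the password is only examined after a correct captcha.
        $retriesLeft = 0;

        if (!$imageCaptcha->check('login', $request->input('captcha'))) {
            return response()->json([
                'status' => false,
                'message' => '您输入的验证码输入错误',
                'field' => 'captcha',
                'attempts' => $retriesLeft,
            ]);
        }
    } else {
        // Count this attempt over the same window as the lockout. The original
        // call omitted the decay argument, which left the counter on the
        // limiter's default window while only the lockout used $decayMinutes.
        // NOTE(review): assumes hit() takes the decay in minutes as its second
        // argument, matching tooManyAttempts() above; confirm against the
        // RateLimiter class in use.
        $retriesLeft = $maxAttempts - $rateLimiter->hit($key, $decayMinutes) + 1;
    }

    // A non-string password can never match; treat it as a failed attempt
    // instead of handing an array or null to the model.
    $password = $request->input('password');

    if (is_string($password) && $user->login($password, true)) {
        $rateLimiter->clear($key);

        // NOTE(review): no session-id rotation is visible here; confirm that
        // User::login() regenerates the session.
        // NOTE(review): the invite URL is read from session state; confirm it
        // is validated where it is stored, since the client navigates to it.
        return response()->json([
            'status' => true,
            'location' => session('project_invite') ? session('project_invite.active_url') : url('user/home'),
        ]);
    }

    $forgotPasswordUrl = url('account/forgot-password', [$identifier]);

    return response()->json([
        'status' => false,
        // The message carries an HTML anchor, so the URL is escaped for the
        // attribute context like the identifier is in the unknown-user message.
        'message' => '您输入的密码错误 <a href="' . e($forgotPasswordUrl) . '">尝试找回密码</a>',
        'field' => 'password',
        'attempts' => $retriesLeft,
    ]);
}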
/**
 * Clear whatever the cache limiter holds under this object's unique login key.
 *
 * NOTE(review): postLogin() throttles through an injected RateLimiter with a
 * key built from the user id and client IP; confirm that $this->cacheLimiter
 * and getUniqueLoginKey() address that same counter, otherwise this call
 * leaves it untouched.
 *
 * @return void
 */
public function clearLoginAttempts()
{
    $loginKey = $this->getUniqueLoginKey();

    $this->cacheLimiter->clear($loginKey);
}