php - 在 laravel 中处理 hasTooManyLoginAttempts?
问题描述
用户已经超过了他们分配的最大登录尝试次数,这将通过用户名和客户端的 IP 地址进行键入,我使用 trait AuthenticatesUsers 拉入。您查看提到的特征内部,您会看到另一个特征 ThrottlesLogins 拉入。
授权配置:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
'admin-web' => [
'driver' => 'session',
'provider' => 'admins',
],
'admin-api' => [
'driver' => 'passport',
'provider' => 'admins',
],
],
授权控制器:
class AuthController extends Controller
{
use ThrottlesLogins;
public function login(Request $request)
{
$method = __FUNCTION__;
//set validations
$validator = Validator::make($request->all(), [
'email' => 'required|string|email',
'password' => 'required|string|min:6',
]);
if ($validator->fails()) {
return (new FailedServerResponse($this->controller, $method, $this->errorType['validation'], $validator->errors()))->show();
}
$admin = Admin::where('email', $request->email)->first();
if ( $this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if (Auth::guard('admin-web')->attempt(['email' => $request->email, 'password' => $request->password, 'is_active' => 1], true)) {
try {
$token = $admin->createToken('register admin')->accessToken;
} catch (\Exception $e) {
return (new FailedServerResponse($this->controller, $method, $this->errorType['token']))->show();
}
return $token;
//success and everything is ok
$extra = ['token' => $token, 'is_register' => true];
return (new UserResponse($admin->load('userActivities', 'addresses.city.province', 'wallets', 'userGalleries'), $actionName, $extra))->withPrimaryLayout();
} else {
return (new FailedServerResponse($this->controller, $method, $this->errorType['notFound']))->show();
}
}
protected function hasTooManyLoginAttempts(Request $request)
{
$attempts = 2;
$lockoutMinites = 10;
return $this->limiter()->tooManyAttempts(
$this->throttleKey($request), $attempts, $lockoutMinites
);
}
hasTooManyLoginAttempts 不起作用。你能帮助我吗?
解决方案
也许问题在于
$this->incrementLoginAttempts($request);
如果登录尝试不成功,我们将增加尝试登录的次数并将用户重定向回登录表单。
推荐阅读
- mongodb - 一段时间后MongoDB更新集合
- html - Flexbox 将侧边栏缩小到内容高度
- jquery - Yii2:如何制作一个使用 jQuery 禁用/只读
- python - python 套接字服务器,netcat 客户端,如何从服务器清除 netcat 终端
- python - 为什么 libsvm 不支持小批量?
- jquery - 使用 jQuery 在另一个元素中以类名开头来获取元素
- javascript - AJAX/JS 不显示警报
- webpack - Webpack 4 babel/at-loader jsx 在单个机器上无法识别
- r - 参数的列数不匹配
- r - 一次重新编码多列