CODEWITHSUNDEEP
phplaravellaravel-5.5
user101289
user101289

Reputation: 10422

Laravel 5.5 ThrottleRequest middleware

Does anyone have info on how to implement the ThrottleRequest middleware in Laravel 5.5?

I'm not clear on the meaning of the decayMinutes parameter in particular: https://laravel.com/api/5.5/Illuminate/Routing/Middleware/ThrottleRequests.html

I understand how to apply it to a route, I just am not sure what reaosnable parameters would be.

Upvotes: 7

Views: 4178

Answers (2)

Samuel James
Samuel James

Reputation: 1526

I understand decayMinutes as the retention time. For intance, if you want to give a 10 try to login with wrong password but if he tries for 11 times, the user gets blocked for the number of minutes specified in decayMinutes. If you specify 10 minutes as your decayMinutes, the user is blocked for 10 minutes

Upvotes: 7

Alexander Yancharuk
Alexander Yancharuk

Reputation: 14501

decayMinutes - it's a time within your limit will be counted. Technically limits is a value with TTL (Time To Live) $decayMinutes * 60 secs in cache that increments on every hit. When TTL is over value automatically will be destroyed in cache and new hits count will be start.

Look at RateLimit::hit() code. It's pretty clear:

/**
 * Increment the counter for a given key for a given decay time.
 *
 * @param  string  $key
 * @param  float|int  $decayMinutes
 * @return int
 */
public function hit($key, $decayMinutes = 1)
{
    $this->cache->add(
        $key.':timer', $this->availableAt($decayMinutes * 60), $decayMinutes
    );
    $added = $this->cache->add($key, 0, $decayMinutes);
    $hits = (int) $this->cache->increment($key);
    if (! $added && $hits == 1) {
        $this->cache->put($key, 1, $decayMinutes);
    }
    return $hits;
}

If you want to limit some activity by 10 hits per 5 minutes, than decayMinutes must be 5.

Upvotes: 4

Related Questions