7

In the web.php routes, I have the following:

Route::middleware('throttle:3,1')->group(function () {
    Route::get('/about', function () {
        return "About Info";
    });
});

The Laravel Framework is 8.19.0.

Ideally, when someone hits the page more than 3 times in 1 minute, laravel should give 429 Too Many Attempts Response. But it does not. I am not getting the 429 response after 3 times.

How to fix this?

Thanks

mahesh salunke
  • 73
  • 1
  • 1
  • 7
  • Have you tried configuring your rate limiting [here](https://laravel.com/docs/8.x/routing#defining-rate-limiters)? – Aidan Dec 22 '20 at 09:33
  • You may need to include a rate limiter in the `configureRateLimiting()` function in `App\Providers\RouteServiceProvider`. – Aidan Dec 22 '20 at 09:34
  • Yes tried adding in RouteServiceProvider.php ```RateLimiter::for('requestslimit', function (Request $request) {return Limit::perMinute(3);});``` and in routes added ```middleware('throttle:requestslimit')``` – mahesh salunke Dec 22 '20 at 09:42
  • 1
    https://laracasts.com/series/whats-new-in-laravel-8/episodes/9 Please go through this video tutorial – Joyal Dec 22 '20 at 09:47
  • 1
    Hmm, you may be able to see if the rate limiting middleware is being applied in telescope if you have it installed on your project. – Aidan Dec 22 '20 at 09:50

6 Answers6

20

Since Laravel 8 you can configure rate limits in the method configureRateLimiting() of the App\Providers\RouteServiceProvider .

For example:

protected function configureRateLimiting()
{
    RateLimiter::for('api', function (Request $request) {
        return Limit::perMinute(60)->by(optional($request->user())->id ?: $request->ip());
    });
}

Should you have updated from Laravel 7 do not forget to add the call to the method in the boot() method of the RouteServiceProvider. Otherwise the limits will not be applied.

public function boot()
{
    $this->configureRateLimiting();

    parent::boot();
}

See also documentation: https://laravel.com/docs/8.x/routing#rate-limiting and Laracasts video: https://laracasts.com/series/whats-new-in-laravel-8/episodes/9

Jonathan
  • 211
  • 2
  • 4
4

go to the .env file and check your cache driver if CACHE_DRIVER=none, set a cache driver.
Laravel support Supported: "apc", "array", "database", "file", "memcached", "redis", "dynamodb"

Ramin eghbalian
  • 2,348
  • 1
  • 16
  • 36
  • This was the tidbit I had overseen! Everything was working perfectly, my rate-limiter was just not counting the tries. – Mariann Jun 06 '23 at 14:04
0

I have got the issue. In the config/cache.php, the default was set to "null". I changed to "database". Now, this is working fine.

mahesh salunke
  • 73
  • 1
  • 1
  • 7
0

in laravel 8 i had implemented this in this way, its easy to use :

in RouteServiceProvider.php just add :

use Illuminate\Http\Response;
use Illuminate\Support\Facades\RateLimiter;


    protected function configureRateLimiting()
    {
        RateLimiter::for('login', function (Request $request) {
            $key = 'login.' . $request->input('username') . '.' . $request->ip();
            $max = 5;  //attempts
            $decay = 120; // 120 seconds/2 minute for suspending 

            if (RateLimiter::tooManyAttempts($key, $max)) {
                return response()->json(['message' => __("messages.login.throttle.suspension")], Response::HTTP_UNPROCESSABLE_ENTITY);
            } else {
                RateLimiter::hit($key, $decay);
            }

        });
    }
Masoud
  • 1,099
  • 1
  • 10
  • 22
0

The problem occurs because the provider files that do not correspond to the current version of Laravel were replaced, the solution is to compress the entire project folder if it is being uploaded to the server and if the problem is on the local computer, restore the project with a new installation

Desarrollo RDT
  • 1
0

Approach 1

app/Http/Providers/RouteServiceProvider.php

The default configureRateLimiting() method is already there.

Approach 2

routes/api.php

Route::post('/send-otp', 'UtilityController@sendOtp')->middleware(['throttle:5,1']);
Soubhagya Kumar Barik
  • 1,979
  • 20
  • 26