Laravel7 - Redirect on specific view when throttling detected

Question

I need to redirect the user to a simple informative view when throttling is detected during login.

I have a view called suspended.blade.php

I have set a route

Route::get('/suspended', function(){
    return view('suspended');
});

I'm using Cartalyst/Sentinel.

In my login controller I have something like this:

function LoginUser(Request $request){
   // some validation stuff...
  
   try {
     $user = Sentinel::authenticate($request->all());
   } catch (ThrottlingException $e) {
     // user inserted too many times a wrong password
     return redirect('/suspended');
   } catch (NotActivatedgException $e) {
     return redirect()->back()->with( ['error' => "Account not active yet."] );
   }

   // some other stuff...
}

If I emulate trottling I only get an error page, instead of my view.

Why is that?

Thanks

EDIT Following the hints of @PsyLogic I modified my function like that:

function LoginUser(Request $request){
   // some validation stuff...
  
   try {
     $user = Sentinel::authenticate($request->all());
   } 
   /* remove this part to use the default behaviour described in app\Excpetions\Handler.php */
      // catch (ThrottlingException $e) {
      // return redirect('/suspended');
      // } 
   catch (NotActivatedgException $e) {
     return redirect()->back()->with( ['error' => "Account not active yet."] 
   );
 }

   // some other stuff...
}

Still does not work, and shows the Laravel Error Page with all the debug code.

PsyLogic · Accepted Answer · 2021-04-28T13:08:17.587

0

Laravel already has throttle middleware you can just extend it and update the handle() method

namespace App\Http\Middleware;

use Illuminate\Routing\Middleware\ThrottleRequests;

class CustomThrottleMiddleware extends ThrottleRequests
{
     //...
}

and update the new middleware in your Handle.php file

protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
         // ...
        'throttle' =>App\Http\Middleware\CustomThrottleMiddleware::class,
]

or you may keep the original index throttle and add your s

protected $routeMiddleware = [
            'auth' => \App\Http\Middleware\Authenticate::class,
             // ...
            'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
            'custom_throttle' =>App\Http\Middleware\CustomThrottleMiddleware::class,

    ]

Updated (easy way)

Event those changes won't affect your package, but let's do it with easy way, you can update the render() function inside App\Exceptions\Handler::class and make a test

public function render($request, Throwable $exception)
    {
        if ($exception instanceof ThrottleRequestsException) {
            return redirect()->route('suspended'); 
        }

        return parent::render($request, $exception);
    }

edited Apr 28 '21 at 13:08

answered Apr 28 '21 at 11:55

PsyLogic

639
4
10

Thank you @PsyLogic I'm not sure to be able to do that, because I do not undestand what I need to put inside the CustomThrottleMiddleware. In add, is this solution working together with Sentinel? My project is based on that, so I can't remove it now. – Simone Conti Apr 28 '21 at 12:45
Thanks @PsyLogic, your update sounds better to me. I'm still curious about your first solution. I searched for something on the internet and found this https://bannister.me/blog/custom-throttle-middleware/ But I cannot see any relation between the laraverl handle() function and my situation. No problem, I'll test your solution. Bye – Simone Conti Apr 28 '21 at 13:13
Yes, if you want to escape all those custom changes (involving many files) you can target one file with one condition. – PsyLogic Apr 28 '21 at 13:17
unfortunately it does not work to me (see my edit). I still see the error page instead of my view. – Simone Conti Apr 28 '21 at 13:26
Do you recognize the exception name that you get? – PsyLogic Apr 28 '21 at 13:29
This is what I get: "Cartalyst\Sentinel\Checkpoints\ThrottlingException Too many unsuccessful login attempts have been made against your account. Please try again after another [182] second(s)." I modified your code to manage ThrottlingException instead of ThrottleRequestsException, but nothing changes. – Simone Conti Apr 28 '21 at 13:31
so, did you import Cartalyst\Sentinel\Checkpoints\ThrottlingException instead of laravel throttle exception and didn't work either? – PsyLogic Apr 28 '21 at 13:33
OK!!! I forgot to include the correct class. Thanks – Simone Conti Apr 28 '21 at 13:37

Laravel7 - Redirect on specific view when throttling detected

1 Answers1