[Original] Laravel Request Rate Limiting

Purpose of rate limiting

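  • Security: limit the number of form login attempts to prevent brute-force attacks
  • Resource control: for example, the "forgot password" page performs resource-intensive operations such as database access and sending email; rate limiting keeps that resource usage under control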

The rate limiting feature

app/Http/Kernel.php

    class Kernel extends HttpKernel
    {
        // ... (rest of the class omitted)

        // Route middleware aliases that can be attached to routes and controllers.
        protected $routeMiddleware = [
            'auth' => \App\Http\Middleware\Authenticate::class,
            'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
            'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
            'can' => \Illuminate\Auth\Middleware\Authorize::class,
            'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
            'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
            'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
            'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
            'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        ];
    }

Here, throttle is the rate limiting middleware. It is used as throttle:<max attempts>,<decay minutes>.

The forgot-password page may be requested only 2 times per minute:

    // In the controller's constructor
    $this->middleware('throttle:2,1', [
        'only' => ['showLinkRequestForm']
    ]);

Sending the password reset email may be attempted only 3 times within 10 minutes:

    // In the controller's constructor
    $this->middleware('throttle:3,10', [
        'only' => ['sendResetLinkEmail']
    ]);

Login rate limit: only 10 attempts within 10 minutes:

    // In the controller's constructor
    $this->middleware('throttle:10,10', [
        'only' => ['store']
    ]);
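
A feature test that checks the forgot-password limit above is actually enforced and resets after its window. This is an added example, not code from the original post; it assumes the laravel/ui route GET /password/reset for showLinkRequestForm and the array cache store from Laravel's default phpunit.xml.

```php
<?php
// Added example (not from the original post). Assumptions: the laravel/ui
// route GET /password/reset maps to showLinkRequestForm, and tests use the
// "array" cache store configured by Laravel's default phpunit.xml.
namespace Tests\Feature;

use Illuminate\Support\Carbon;
use Tests\TestCase;

class ForgotPasswordThrottleTest extends TestCase
{
    protected function tearDown(): void
    {
        Carbon::setTestNow(); // stop freezing time for later tests
        parent::tearDown();
    }

    public function test_third_request_within_a_minute_is_rejected(): void
    {
        Carbon::setTestNow(Carbon::now()); // freeze the clock
        // throttle:2,1 allows two requests in the one-minute window.
        $this->get('/password/reset')->assertOk()
            ->assertHeader('X-RateLimit-Remaining', '1');
        $this->get('/password/reset')->assertOk()
            ->assertHeader('X-RateLimit-Remaining', '0');

        // The third request is refused with 429 Too Many Requests.
        $this->get('/password/reset')
            ->assertStatus(429)
            ->assertHeader('Retry-After');

        // Once the window has passed, the counter starts over.
        Carbon::setTestNow(Carbon::now()->addSeconds(61));
        $this->get('/password/reset')->assertOk();
    }

    public function test_guest_limit_is_counted_per_client_ip(): void
    {
        // Constructed addresses from the 203.0.113.0/24 documentation range.
        $a = ['REMOTE_ADDR' => '203.0.113.10'];
        $b = ['REMOTE_ADDR' => '203.0.113.20'];
        $this->withServerVariables($a)->get('/password/reset')->assertOk();
        $this->withServerVariables($a)->get('/password/reset')->assertOk();
        $this->withServerVariables($a)->get('/password/reset')->assertStatus(429);
        // Guests are counted per client address, so one busy client does not lock others out.
        $this->withServerVariables($b)->get('/password/reset')->assertOk();
    }
}
```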