// App\Http\Requests\LoginRequest
<?
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class LoginRequest extends FormRequest
{
public function authorize()
{
return false;
}
public function rules()
{
return [
'username' => [
'required',
]
];
}
}
// App\Http\Controllers\Admin
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Requests\LoginRequest;
use Illuminate\Cache\RateLimiter;
/**
* Class Auth
* @package App\Http\Controllers\Admin
*/
class Auth extends BaseController
{
public function login()
{
return view('admin.login');
}
public function dologin(LoginRequest $request)
{
dd($request->fails());
$rl = app(RateLimiter::class);
$res = $rl->tooManyAttempts($this->getFailKey($request),5,3);
if ($res)
return redirect()->back()->withErrors(['errors'=>'3分钟内错误超过5次,请稍后重试']);
$rl->hit($this->getFailKey($request));
}
private function getFailKey(Request $request)
{
return $request->input('username').':'.$request->ip();
}
}postForbidden is displayed directly after logging in. Why?
authorize should return true. Return false and a forbidden message will appear. But here comes the problem. I want to handle the logic myself when auth is false. What to do?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Override the following method of the base class:
Override this method according to your own logic under your
LoginRequest.