
Is there any way to apply rate limiting to a route, but only for successful responses? For example, if a user sends a request to the send/code endpoint 5 times and all of them were successful, then block the user from sending requests again. But if 2 of them were unsuccessful (like a validation error or something) and 3 were successful, then the user should have 2 more attempts for the given time.

I know rate limiting checks before the request gets executed, then blocks the user or lets them continue. But is there any way to apply my logic, or should I try a different approach?

2 Answers


  1. You would probably need to make your own middleware, but you can extend the ThrottleRequests class and just customize how you want to handle responses:

    <?php
    
    namespace App\Http\Middleware;
    
    use Closure;
    use Illuminate\Routing\Middleware\ThrottleRequests;
    use Illuminate\Support\Arr;
    
    class ThrottleSuccess extends ThrottleRequests
    {
        /**
         * Handle an incoming request.
         *
         * @param  \Illuminate\Http\Request  $request
         * @param  \Closure  $next
         * @param  array  $limits
         * @return \Symfony\Component\HttpFoundation\Response
         *
         * @throws \Illuminate\Http\Exceptions\ThrottleRequestsException
         */
        protected function handleRequest($request, Closure $next, array $limits)
        {
            // Reject before the controller runs once the success budget is spent,
            // so a blocked request never triggers the controller's side effects.
            foreach ($limits as $limit) {
                if ($this->limiter->tooManyAttempts($limit->key, $limit->maxAttempts)) {
                    throw $this->buildException($request, $limit->key, $limit->maxAttempts, $limit->responseCallback);
                }
            }
    
            $response = $next($request); // call the controller
    
            // statusCode is a protected property on the response; use the getter
            if ($response->getStatusCode() === 200) { // only hit limiter on successful response
                foreach ($limits as $limit) {
                    $this->limiter->hit($limit->key, $limit->decayMinutes * 60);
                }
            }
    
            foreach ($limits as $limit) {
                $response = $this->addHeaders(
                    $response,
                    $limit->maxAttempts,
                    $this->calculateRemainingAttempts($limit->key, $limit->maxAttempts)
                );
            }
    
            return $response;
        }
    }
    
    

    Then add your middleware to Kernel.php:

        protected $routeMiddleware = [
            // ...
            'throttle.success' => \App\Http\Middleware\ThrottleSuccess::class,
            // ...
        ];
    

    Then use it in a route like the original throttle middleware:

    Route::middleware('throttle.success:5,1')->group(function () {
        // ...
    });
    

    Note: you may have to override handleRequestUsingNamedLimiter if you want to return a custom response built from RateLimiter::for; I have not done anything for that here.

  2. This is the source code:

    namespace App\Http\Controllers;
    
    use Illuminate\Http\Request;
    use Illuminate\Support\Facades\RateLimiter;
    use Illuminate\Support\Facades\Validator;
    
    class CodeZiDotProTestRateLimit extends Controller
    {
        public function test_rate_limit_only_success(Request $request)
        {
            // Step 1: Validate the request data
            $validator = Validator::make($request->all(), [
                'name' => 'required|string',
                'email' => 'required|email',
                'password' => 'required|min:8',
            ]);
    
            if ($validator->fails()) {
                return response()->json(['errors' => $validator->errors()], 422);
            }
    
            // Step 2: Apply rate limiting to this controller action
            // (only reached for valid requests; key is per client IP)
            $key = 'test_rate_limit_only_success_by_ip_'.request()->ip();
            if (RateLimiter::tooManyAttempts($key, 10)) {
                return response()->json(['errors' => 'You have made too much in a short time. Please wait after 1 minute'], 422);
            } else {
                RateLimiter::hit($key, 60); // count this request, 60-second window
            }
    
            // The action itself (e.g. sending the code) goes here.
        }
    }

    Suppose my URL is Example.com/test_Rate_Limit_only_success.

    In this example, when a user sends a request to the system, the application will still validate the request (and if there are errors, the user will send unlimited requests). In the case of valid data, the rate limiting part will start working.

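The behaviour both answers aim for, as a framework-free sketch added here (not code from either answer or from Laravel): the budget is checked before the action runs and consumed only when the action returns 200. `SuccessOnlyLimiter`, its in-memory store, the explicit `$now` clock argument and the sample key are all hypothetical, and the request sequence is constructed from the question's scenario.

```php
<?php
// Added example: framework-free model of "count only successful responses".
// SuccessOnlyLimiter and its in-memory store are hypothetical, not Laravel APIs.
final class SuccessOnlyLimiter
{
    private array $hits = []; // key => ['count' => int, 'resetAt' => int]

    public function __construct(private int $max, private int $decaySeconds) {}

    private function count(string $key, int $now): int
    {
        if (isset($this->hits[$key]) && $this->hits[$key]['resetAt'] <= $now) {
            unset($this->hits[$key]); // window expired, budget is restored
        }
        return $this->hits[$key]['count'] ?? 0;
    }

    /** Runs $action only while budget remains; returns the HTTP status. */
    public function handle(string $key, callable $action, int $now): int
    {
        if ($this->count($key, $now) >= $this->max) {
            return 429; // rejected before the action's side effect happens
        }
        $status = $action();
        if ($status === 200) { // failures (e.g. 422) do not consume budget
            $this->hits[$key] ??= ['count' => 0, 'resetAt' => $now + $this->decaySeconds];
            $this->hits[$key]['count']++;
        }
        return $status;
    }
}

// Constructed scenario from the question: limit 5 per 60 s, two requests fail validation.
$limiter = new SuccessOnlyLimiter(5, 60);
$sent = 0;
$ok  = function () use (&$sent) { $sent++; return 200; }; // stands in for "code sent"
$bad = fn () => 422;                                       // stands in for a validation error
$key = 'send-code|203.0.113.7';                            // constructed per-client key

$now = 1000;
$statuses = [];
foreach ([$ok, $bad, $ok, $bad, $ok, $ok, $ok, $ok] as $action) {
    $statuses[] = $limiter->handle($key, $action, $now++);
}
echo implode(',', $statuses), " sent=$sent\n";           // last request is refused, nothing sent
echo $limiter->handle($key, $ok, $now + 60), " sent=$sent\n"; // after the window, allowed again
```

Failed requests are not throttled at all in this model, so an ordinary attempt-based throttle is still needed alongside it to cap total traffic. The check and the hit are separate steps, so with a shared cache and concurrent requests the count can briefly exceed the limit unless the store increments atomically.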