mirror of
https://github.com/Bubka/2FAuth.git
synced 2025-06-20 11:47:53 +02:00
Refactore login controller and add login attempts throttling
This commit is contained in:
Bubka
parent
fe5f4c8b88
commit
9f3a770f21
@ -2,9 +2,15 @@
|
|||||||
|
|
||||||
namespace App\Http\Controllers\Auth;
|
namespace App\Http\Controllers\Auth;
|
||||||
|
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Http\Response;
|
||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
use Illuminate\Support\Facades\Lang;
|
||||||
|
use Illuminate\Validation\ValidationException;
|
||||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||||
|
|
||||||
|
|
||||||
class LoginController extends Controller
|
class LoginController extends Controller
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
@ -12,28 +18,118 @@ class LoginController extends Controller
|
|||||||
| Login Controller
|
| Login Controller
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
|
||||||
| This controller handles authenticating users for the application and
|
| This controller handles authenticating users for the application.
|
||||||
| redirecting them to your home screen. The controller uses a trait
|
| The controller uses a trait to conveniently provide its functionality
|
||||||
| to conveniently provide its functionality to your applications.
|
| to your applications.
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
use AuthenticatesUsers;
|
use AuthenticatesUsers;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Where to redirect users after login.
|
* Handle a login request to the application.
|
||||||
*
|
*
|
||||||
* @var string
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @return \Illuminate\Http\JsonResponse
|
||||||
|
*
|
||||||
|
* @throws \Illuminate\Validation\ValidationException
|
||||||
*/
|
*/
|
||||||
protected $redirectTo = '/home';
|
public function login(Request $request)
|
||||||
|
{
|
||||||
|
$this->validateLogin($request);
|
||||||
|
|
||||||
|
// If the class is using the ThrottlesLogins trait, we can automatically throttle
|
||||||
|
// the login attempts for this application. We'll key this by the username and
|
||||||
|
// the IP address of the client making these requests into this application.
|
||||||
|
if (method_exists($this, 'hasTooManyLoginAttempts') &&
|
||||||
|
$this->hasTooManyLoginAttempts($request)) {
|
||||||
|
$this->fireLockoutEvent($request);
|
||||||
|
|
||||||
|
return $this->sendLockoutResponse($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->attemptLogin($request)) {
|
||||||
|
return $this->sendLoginResponse($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the login attempt was unsuccessful we will increment the number of attempts
|
||||||
|
// to login and redirect the user back to the login form. Of course, when this
|
||||||
|
// user surpasses their maximum number of attempts they will get locked out.
|
||||||
|
$this->incrementLoginAttempts($request);
|
||||||
|
|
||||||
|
return $this->sendFailedLoginResponse($request);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new controller instance.
|
* Send the response after the user was authenticated.
|
||||||
*
|
*
|
||||||
* @return void
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @return \Illuminate\Http\JsonResponse
|
||||||
*/
|
*/
|
||||||
public function __construct()
|
protected function sendLoginResponse(Request $request)
|
||||||
{
|
{
|
||||||
$this->middleware('guest')->except('logout');
|
$this->clearLoginAttempts($request);
|
||||||
|
|
||||||
|
$success['token'] = $this->guard()->user()->createToken('2FAuth')->accessToken;
|
||||||
|
$success['name'] = $this->guard()->user()->name;
|
||||||
|
|
||||||
|
return response()->json(['message' => $success], Response::HTTP_OK);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
/**
|
||||||
|
* Get the failed login response instance.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @return \Illuminate\Http\JsonResponse
|
||||||
|
*/
|
||||||
|
protected function sendFailedLoginResponse(Request $request)
|
||||||
|
{
|
||||||
|
return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Redirect the user after determining they are locked out.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @return \Illuminate\Http\JsonResponse
|
||||||
|
*/
|
||||||
|
protected function sendLockoutResponse(Request $request)
|
||||||
|
{
|
||||||
|
$seconds = $this->limiter()->availableIn(
|
||||||
|
$this->throttleKey($request)
|
||||||
|
);
|
||||||
|
|
||||||
|
return response()->json(['message' => Lang::get('auth.throttle', ['seconds' => $seconds])], Response::HTTP_TOO_MANY_REQUESTS);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Validate the user login request.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @return void
|
||||||
|
*
|
||||||
|
* @throws \Illuminate\Validation\ValidationException
|
||||||
|
*/
|
||||||
|
protected function validateLogin(Request $request)
|
||||||
|
{
|
||||||
|
$request->validate([
|
||||||
|
$this->username() => 'required|string|exists:users,email',
|
||||||
|
'password' => 'required|string',
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* log out current user
|
||||||
|
* @param Request $request
|
||||||
|
* @return \Illuminate\Http\JsonResponse
|
||||||
|
*/
|
||||||
|
public function logout(Request $request)
|
||||||
|
{
|
||||||
|
$this->guard()->logout();
|
||||||
|
|
||||||
|
return response()->json(['message' => 'signed out'], Response::HTTP_OK);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
@ -11,47 +11,6 @@ use Illuminate\Support\Facades\Auth;
|
|||||||
class UserController extends Controller
|
class UserController extends Controller
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
|
||||||
* log a user in
|
|
||||||
* @return [type] [description]
|
|
||||||
*/
|
|
||||||
public function login(Request $request)
|
|
||||||
{
|
|
||||||
|
|
||||||
$this->validate($request, [
|
|
||||||
'email' => 'required|exists:users,email',
|
|
||||||
'password' => 'required',
|
|
||||||
]);
|
|
||||||
|
|
||||||
$credentials = [
|
|
||||||
'email' => request('email'),
|
|
||||||
'password' => request('password')
|
|
||||||
];
|
|
||||||
|
|
||||||
if (Auth::attempt($credentials)) {
|
|
||||||
$success['token'] = Auth::user()->createToken('MyApp')->accessToken;
|
|
||||||
$success['name'] = Auth::user()->name;
|
|
||||||
|
|
||||||
return response()->json(['message' => $success], 200);
|
|
||||||
}
|
|
||||||
|
|
||||||
return response()->json(['message' => 'unauthorised'], 401);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* log out current user
|
|
||||||
* @param Request $request
|
|
||||||
* @return json
|
|
||||||
*/
|
|
||||||
public function logout()
|
|
||||||
{
|
|
||||||
$accessToken = Auth::user()->token();
|
|
||||||
$accessToken->revoke();
|
|
||||||
|
|
||||||
return response()->json(['message' => 'signed out']);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* check if a user exists
|
* check if a user exists
|
||||||
|
|||||||
2
resources/js/langs/locales.js
vendored
2
resources/js/langs/locales.js
vendored
@ -5,6 +5,7 @@ export default {
|
|||||||
"sign_in": "Sign in",
|
"sign_in": "Sign in",
|
||||||
"register": "Register",
|
"register": "Register",
|
||||||
"hello": "Hi {username} !",
|
"hello": "Hi {username} !",
|
||||||
|
"throttle": "Too many login attempts. Please try again in {seconds} seconds.",
|
||||||
"confirm": {
|
"confirm": {
|
||||||
"logout": "Are you sure you want to log out?"
|
"logout": "Are you sure you want to log out?"
|
||||||
},
|
},
|
||||||
@ -265,6 +266,7 @@ export default {
|
|||||||
"sign_in": "Se connecter",
|
"sign_in": "Se connecter",
|
||||||
"register": "Créer un compte",
|
"register": "Créer un compte",
|
||||||
"hello": "Hi {username} !",
|
"hello": "Hi {username} !",
|
||||||
|
"throttle": "Trop de tentatives de connexion. Veuillez réessayer dans {seconds} secondes.",
|
||||||
"confirm": {
|
"confirm": {
|
||||||
"logout": "Etes-vous sûrs de vouloir vous déconnecter ?"
|
"logout": "Etes-vous sûrs de vouloir vous déconnecter ?"
|
||||||
},
|
},
|
||||||
|
|||||||
@ -17,6 +17,7 @@ return [
|
|||||||
'sign_in' => 'Sign in',
|
'sign_in' => 'Sign in',
|
||||||
'register' => 'Register',
|
'register' => 'Register',
|
||||||
'hello' => 'Hi {username} !',
|
'hello' => 'Hi {username} !',
|
||||||
|
'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
|
||||||
'confirm' => [
|
'confirm' => [
|
||||||
'logout' => 'Are you sure you want to log out?',
|
'logout' => 'Are you sure you want to log out?',
|
||||||
],
|
],
|
||||||
@ -45,6 +46,5 @@ return [
|
|||||||
'edit_account' => 'Edit account',
|
'edit_account' => 'Edit account',
|
||||||
'profile_saved' => 'Profile successfully updated!'
|
'profile_saved' => 'Profile successfully updated!'
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|||||||
@ -17,6 +17,7 @@ return [
|
|||||||
'sign_in' => 'Se connecter',
|
'sign_in' => 'Se connecter',
|
||||||
'register' => 'Créer un compte',
|
'register' => 'Créer un compte',
|
||||||
'hello' => 'Hi {username} !',
|
'hello' => 'Hi {username} !',
|
||||||
|
'throttle' => 'Trop de tentatives de connexion. Veuillez réessayer dans :seconds secondes.',
|
||||||
'confirm' => [
|
'confirm' => [
|
||||||
'logout' => 'Etes-vous sûrs de vouloir vous déconnecter ?',
|
'logout' => 'Etes-vous sûrs de vouloir vous déconnecter ?',
|
||||||
],
|
],
|
||||||
|
|||||||
@ -15,7 +15,8 @@ use Illuminate\Http\Request;
|
|||||||
|
|
||||||
Route::group(['middleware' => 'guest:api'], function () {
|
Route::group(['middleware' => 'guest:api'], function () {
|
||||||
|
|
||||||
Route::post('login', 'UserController@login');
|
Route::post('login', 'Auth\LoginController@login');
|
||||||
|
|
||||||
Route::post('checkuser', 'UserController@checkUser');
|
Route::post('checkuser', 'UserController@checkUser');
|
||||||
Route::post('register', 'UserController@register');
|
Route::post('register', 'UserController@register');
|
||||||
|
|
||||||
@ -26,7 +27,7 @@ Route::group(['middleware' => 'guest:api'], function () {
|
|||||||
|
|
||||||
Route::group(['middleware' => 'auth:api'], function() {
|
Route::group(['middleware' => 'auth:api'], function() {
|
||||||
|
|
||||||
Route::post('logout', 'UserController@logout');
|
Route::post('logout', 'Auth\LoginController@logout');
|
||||||
|
|
||||||
Route::get('profile/account', 'Profile\AccountController@show');
|
Route::get('profile/account', 'Profile\AccountController@show');
|
||||||
Route::patch('profile/account', 'Profile\AccountController@update');
|
Route::patch('profile/account', 'Profile\AccountController@update');
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user