Laravel 5.6 Passport OAuth: maximum login attempts

acruukt9 posted on 2021-06-25 in Mysql

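I have just created a simple OAuth system with Laravel Passport. This system will be responsible for the registration and authentication of users of external applications. Everything works as I expected, and now I want to implement a mechanism that locks a user out after a predefined number of failed login attempts.
I am new to Laravel and Passport. Is there any built-in package that can manage this for me, or do I have to develop this feature myself? If so, how can I accomplish such a task?
I have been searching the web, but so far I haven't found anything about this for Passport OAuth.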


vzgqcmou1#

In fact, Laravel already has this feature; you can check the link below for details: https://laravel.com/docs/5.6/authentication#login-throttling


lymgl2op2#

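I have accomplished what I wanted to do; in case anyone else runs into this problem, here is what I did...
Created a custom AuthController and login method to replace Laravel Passport's default oauth/token: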

use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Response; //facade; provides Response::json()
use Laravel\Passport\Http\Controllers\AccessTokenController;

class AuthController extends AccessTokenController
{
    use AuthenticatesUsers;

    //custom login method
    public function login(Request $request)
    {
        //...
    }
}

Before performing any other login operation, check whether the user has reached the maximum number of login attempts:

//custom login method
public function login(Request $request)
{
    //check if the max number of login attempts has been reached
    if ($this->hasTooManyLoginAttempts($request)) 
    {
        $this->fireLockoutEvent($request);

        return "Too many attempts...";
    }

    //...
}

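Verify the user's credentials by attempting to log in. If the login succeeds, reset the failed attempt count. If it fails, increment the count: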

//check if user has reached the max number of login attempts

//verify user credentials
$credentials = $request->only('email', 'password');

if (Auth::attempt($credentials)) 
{       
    //reset failed login attempts
    $this->clearLoginAttempts($request);

    //...
}
else
{       
    //count user failed login attempts
    $this->incrementLoginAttempts($request);

    return "Login failed...";
}

Finally, since Passport (OAuth2) uses PSR-7 requests (ServerRequestInterface), we need to convert the standard Laravel request to PSR-7 in order to issue the access token:

//Authentication passed...

//convert Laravel Request (Symfony Request) to PSR-7
$psr7Factory = new DiactorosFactory();
$psrRequest = $psr7Factory->createRequest($request);

//generate access token
$tokenResponse = parent::issueToken($psrRequest);

//return issued token
return Response::json($tokenResponse);

Here is the complete login method:

public function login(Request $request)
{
    //check if user has reached the max number of login attempts
    if ($this->hasTooManyLoginAttempts($request)) 
    {
        $this->fireLockoutEvent($request);

        return "Too many attempts...";
    }

    //verify user credentials
    $credentials = $request->only('email', 'password');

    if (Auth::attempt($credentials)) 
    {
        //Authentication passed...

        //reset failed login attempts
        $this->clearLoginAttempts($request);

        //convert Laravel Request (Symfony Request) to PSR-7
        $psr7Factory = new DiactorosFactory();
        $psrRequest = $psr7Factory->createRequest($request);

        //generate access token
        $tokenResponse = parent::issueToken($psrRequest);

        //return issued token
        return Response::json($tokenResponse);
    } 
    else 
    {
        //count user failed login attempts
        $this->incrementLoginAttempts($request);

        return "Login failed...";
    }
}
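
The login method above returns a plain string, which Laravel sends with HTTP 200, in both the lockout and the failed-login branch. As an added example (not part of the original answer, and not Laravel's or Passport's code), this plain-PHP model of the same check / increment / clear flow returns 429 with a Retry-After header while locked and 401 on bad credentials. The function names, the limits and the sample requests are assumptions.

```php
<?php
// Added example: plain-PHP model of a per-(email, IP) failed-login counter.
// Names and limits are hypothetical; this is not Laravel's or Passport's code.
const MAX_ATTEMPTS = 5;   // assumed limit
const DECAY_SECONDS = 60; // assumed lockout window

// Seconds until $key unlocks, or 0 when it is not locked.
function availableIn(array $store, string $key, int $now): int
{
    $h = $store[$key] ?? ['count' => 0, 'expires' => 0];
    $locked = $h['expires'] > $now && $h['count'] >= MAX_ATTEMPTS;
    return $locked ? $h['expires'] - $now : 0;
}

// Record one failure; the window starts at the first failure.
function recordFailure(array &$store, string $key, int $now): void
{
    $h = $store[$key] ?? ['count' => 0, 'expires' => 0];
    if ($h['expires'] <= $now) {
        $h = ['count' => 0, 'expires' => $now + DECAY_SECONDS];
    }
    $h['count']++;
    $store[$key] = $h;
}

// Returns [HTTP status, headers]; $valid stands in for the credential check.
function handleLogin(array &$store, string $email, string $ip, bool $valid, int $now): array
{
    $key = strtolower($email) . '|' . $ip;
    $wait = availableIn($store, $key, $now);
    if ($wait > 0) {
        return [429, ['Retry-After' => (string) $wait]]; // locked: say when to retry
    }
    if ($valid) {
        unset($store[$key]); // success resets the counter
        return [200, []];
    }
    recordFailure($store, $key, $now);
    return [401, []];
}

// Constructed run: five failures, a correct password while locked, one after expiry.
$store = $codes = [];
foreach ([1000, 1001, 1002, 1003, 1004] as $ts) {
    $codes[] = handleLogin($store, 'User@example.com', '203.0.113.7', false, $ts)[0];
}
$codes[] = handleLogin($store, 'user@example.com', '203.0.113.7', true, 1010)[0];
$codes[] = handleLogin($store, 'user@example.com', '203.0.113.7', true, 1061)[0];
echo implode(' ', $codes), "\n";
```

The lockout is checked before the credentials, so a correct password submitted while the key is locked is still refused until the window expires.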
