Get the latest Laravel/PHP jobs, events and curated articles straight to your inbox, once a week
Source: peterbabic.dev
Throttle with ReCaptcha Laravel middleware
After a few days of struggling I have found a few-lines long solution to the problem of how to show ReCaptcha after a few hits on the endpoint. Requiring a ReCaptcha after a few successive hits in a short amount of time greatly reduces this attack vector.
The above assumes that you already have your own MyReCaptchaMiddleware up and running, we won't go into details of it here.
But since we rather use the provided $maxAttempts and $decayMinutes middleware parameters of the throttle middleware only for their intended purpose, we can safely omit that block.
It's the latter I am using to determine when to display the ReCaptcha on the front-end.
The above assumes that you already have your own MyReCaptchaMiddleware up and running, we won't go into details of it here.
But since we rather use the provided $maxAttempts and $decayMinutes middleware parameters of the throttle middleware only for their intended purpose, we can safely omit that block.
It's the latter I am using to determine when to display the ReCaptcha on the front-end.
Newsletter
Glimpse
Glimpse streamlines Laravel development by seamlessly deploying GitHub pull requests to preview environments with the help of Laravel Forge.
Community Partners
Laravel/PHP Careers