If you want to specifically limit some routes to add some rate limiting restrictions you can use following code as per your scenario:
Hardcoded RateLimiter
Syntax: throttle:requests,seconds
Problem-1: Allow 10 requests per hour for certain routes.
// Solution-1
Route::middleware('throttle:10,60')->group(function () {
Route::post('/users', 'UserController@store');
Route::get('/user/{:id}', 'UserController@show');
Route::delete('/user/{:id}', 'UserController@delete');
});
// Solution-2
Route::group(['middleware' => 'throttle:10,60'], function () {
Route::post('/users', 'UserController@store');
Route::get('/user/{:id}', 'UserController@show');
Route::delete('/user/{:id}', 'UserController@delete');
});
Dynamic Rate Limiting
- If you have a user model and you want to setup rate limiting dynamically for logged in user
- Let say you have a column in your UserModel called rate_limit
- In above case you want to limit number of requests set in rate_limit column in your users table
- Followinc code limits throttles requests as per rate_limit column value per second
Route::middleware('auth:api', 'throttle:rate_limit,1')->group(function () {
Route::post('/users', 'UserController@store');
Route::get('/user/{:id}', 'UserController@show');
Route::delete('/user/{:id}', 'UserController@delete');
});
RateLimit single route in Laravel
Route::get('/users', ['middleware' => 'throttle:2', 'uses' => 'UserController@list']);