l2t

How to implement Laravel RateLimiting feature?

Asked: a month ago

If you want to specifically limit some routes to add some rate limiting restrictions you can use following code as per your scenario:

Hardcoded RateLimiter

Syntax: throttle:requests,seconds

Problem-1: Allow 10 requests per hour for certain routes.

// Solution-1
Route::middleware('throttle:10,60')->group(function () {
  Route::post('/users', 'UserController@store');
  Route::get('/user/{:id}', 'UserController@show');
  Route::delete('/user/{:id}', 'UserController@delete');
});

// Solution-2
Route::group(['middleware' => 'throttle:10,60'], function () {
  Route::post('/users', 'UserController@store');
  Route::get('/user/{:id}', 'UserController@show');
  Route::delete('/user/{:id}', 'UserController@delete');
});

Dynamic Rate Limiting

  • If you have a user model and you want to setup rate limiting dynamically for logged in user
  • Let say you have a column in your UserModel called rate_limit
  • In above case you want to limit number of requests set in rate_limit column in your users table
  • Followinc code limits throttles requests as per rate_limit column value per second
Route::middleware('auth:api', 'throttle:rate_limit,1')->group(function () {
  Route::post('/users', 'UserController@store');
  Route::get('/user/{:id}', 'UserController@show');
  Route::delete('/user/{:id}', 'UserController@delete');
});

RateLimit single route in Laravel

Route::get('/users', ['middleware' => 'throttle:2', 'uses' => 'UserController@list']);
Viewed: 51 times
Liked: 1 times