Laravel Auth

PHP MIT

Laravel Auth by GhostCompiler adds advanced authentication for Laravel with TOTP 2FA, passkeys via WebAuthn, OTP channels (email, SMS, WhatsApp), trusted devices, and tenant-aware social login.

Stars
2
Forks
0
Downloads
N/A
Open Issues
0
Files main

Repository Files

Loading file structure...
src/Http/Middleware/ThrottleSensitiveAuth.php
<?php

declare(strict_types=1);

namespace GhostCompiler\LaravelAuth\Http\Middleware;

use Closure;
use GhostCompiler\LaravelAuth\Contracts\LaravelAuthManager;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use RuntimeException;
use Symfony\Component\HttpFoundation\Response;

class ThrottleSensitiveAuth
{
    public function __construct(protected LaravelAuthManager $secureAuth) {}

    public function handle(Request $request, Closure $next, string $bucket = 'otp'): Response
    {
        try {
            if ($this->secureAuth->tooManyAttempts($bucket, $request->user())) {
                throw new RuntimeException('Too many attempts');
            }
        } catch (RuntimeException $exception) {
            return new JsonResponse([
                'message' => $exception->getMessage(),
            ], 429);
        }

        return $next($request);
    }
}