Laravel 5.6 Dynamic Rate Limiting Provides Per-User Request Throttling
Published on by Paul Redmond
Coming in Laravel 5.6 you can use dynamic rate-limiting to determine the maximum number of requests that a user can make based on an attribute of the authenticated user model.
Previously, when specifying a rate-limit on a group of routes, you had to provide a hard-coded number of maximum requests. Here’s how you define rate-limiting in Laravel 5.5 or earlier:
Route::middleware('auth:api', 'throttle:60,1')->group(function () { Route::get('/user', function () { // });});
In Laravel 5.6, here’s how you specify a User
model attribute used to determine the number of requests a user can make within the provided timeframe (in minutes):
Route::middleware('auth:api', 'throttle:rate_limit,1')->group(function () { Route::get('/user', function () { // });});
Laravel 5.6 is due out next week after Taylor Otwell’s talk at Laracon Online, where he give us an overview of new features in Laravel 5.6 and Spark 6.0:
???? I plan to release Laravel 5.6 right after my @LaraconOnline talk next week. Join in to get an overview of the new features for Laravel 5.6 and Spark 6.0.
— Taylor Otwell ????♂️ (@taylorotwell) January 31, 2018
You can see the release notes, which summarize the most notable changes to the framework. For a more thorough version check the Laravel 5.6 changelogs on GitHub.