Laravel 5.5 ThrottleRequest middleware
I understand decayMinutes
as the retention time. For intance, if you want to give a 10 try to login with wrong password but if he tries for 11 times, the user gets blocked for the number of minutes specified in decayMinutes
. If you specify 10 minutes as your decayMinutes
, the user is blocked for 10 minutes
decayMinutes
- it's a time within your limit will be counted. Technically limits is a value with TTL (Time To Live) $decayMinutes * 60
secs in cache that increments on every hit. When TTL is over value automatically will be destroyed in cache and new hits count will be start.
Look at RateLimit::hit() code. It's pretty clear:
/** * Increment the counter for a given key for a given decay time. * * @param string $key * @param float|int $decayMinutes * @return int */public function hit($key, $decayMinutes = 1){ $this->cache->add( $key.':timer', $this->availableAt($decayMinutes * 60), $decayMinutes ); $added = $this->cache->add($key, 0, $decayMinutes); $hits = (int) $this->cache->increment($key); if (! $added && $hits == 1) { $this->cache->put($key, 1, $decayMinutes); } return $hits;}
If you want to limit some activity by 10 hits per 5 minutes, than decayMinutes
must be 5.