Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message

Login Gate Bundle Laravel Package

41man/login-gate-bundle

Symfony bundle that detects brute-force login attacks and temporarily blocks offending clients. Configurable max attempts, ban timeout and watch period, with ORM/session/MongoDB storage options and an event to hook custom handlers. Includes a checker service for allow/deny and clearing attempts.

View on GitHub
Deep Wiki
Context7

LoginGateBundle

Build Status

This bundle detects brute-force attacks on Symfony applications. It then will disable login for attackers for a certain period of time. This bundle also provides special events to execute custom handlers when a brute-force attack is detected.

Compatability

The bundle is since version 0.6 compatible with Symfony 4.

Installation

Add this bundle via Composer:

composer require anyx/login-gate-bundle

Configuration:

Add in app/config/config.yml:

login_gate:
    storages: ['orm'] # Attempts storages. Available storages: ['orm', 'session', 'mongodb']
    options:
        max_count_attempts: 3
        timeout: 600 #Ban period
        watch_period: 3600 #Only for databases storage. Period of actuality attempts

Register event handler (optional).

services:
      acme.brute_force_listener:
          class: Acme\BestBundle\Listener\BruteForceAttemptListener
          tags:
              - { name: kernel.event_listener, event: security.brute_force_attempt, method: onBruteForceAttempt }

Usage

In the following example we import the checker via dependency injection in SecurityController.php.

namespace App\Controller;

use Anyx\LoginGateBundle\Service\BruteForceChecker;

/**
 * @var BruteForceChecker $bruteForceChecker
 */
private $bruteForceChecker;

/**
 * SecurityController constructor.
 * @param BruteForceChecker $bruteForceChecker
 */
public function __construct(BruteForceChecker $bruteForceChecker)
{
    $this->bruteForceChecker = $bruteForceChecker;
}

We can now use the checker to see if a person is allowed to login.

$this->bruteForceChecker->canLogin($request)

We can also clear the loginattempts when a login is succesful.

$this->bruteForceChecker->getStorage()->clearCountAttempts($request);

For more examples take a look at the tests.

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
yandex/translate-api
voku/simple_html_dom
league/flysystem-vfs
bkwld/upchuck
filament/spatie-laravel-tags-plugin
capell-app/block-library
axium/identity
cetria/laravel-dummy-models
cetria/reflection-helper
agropredict/sso-auth-bundle
evolvestudio/spam-protection
datacore/hub-sdk
develia/commons
cuci/prototurk-sdk
cuci/prototurk-sdk-symfony
develia/geo-bundle
dreamzy/livewire-charts
touchestate-sdk/php-sdk
22h/doctrine-garbage-collection-bundle
agtp/agtp-php