PHPackages beliven-it/laravel-lockout - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. beliven-it/laravel-lockout ActiveLibrary beliven-it/laravel-lockout ========================== A small Laravel package to lock out a user after X failed login attempts. 1.1.0(6mo ago)031[2 PRs](https://github.com/beliven-it/laravel-lockout/pulls)MITPHPPHP ^8.4|^8.3CI passing Since Nov 2Pushed 1mo agoCompare [ Source](https://github.com/beliven-it/laravel-lockout)[ Packagist](https://packagist.org/packages/beliven-it/laravel-lockout)[ Docs](https://github.com/beliven-it/laravel-lockout)[ GitHub Sponsors](https://github.com/Beliven)[ RSS](/packages/beliven-it-laravel-lockout/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (13)Versions (6)Used By (0) Laravel Lockout =============== [](#laravel-lockout) [![Laravel Lockout banner](./repo/banner.png)](./repo/banner.png) [![Latest Version on Packagist](https://camo.githubusercontent.com/2e06dde448f9adafda19233c469b90e1b76b9d1190178b14478bfccb9989a76a/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f62656c6976656e2d69742f6c61726176656c2d6c6f636b6f75742e7376673f7374796c653d666f722d7468652d6261646765266c6162656c436f6c6f723d32613263326526636f6c6f723d306662636364)](https://packagist.org/packages/beliven-it/laravel-lockout)[![GitHub Tests Action Status](https://camo.githubusercontent.com/c7a0c5f787398c7263eb9b761db58960424d640b02de365d7627aa49d7afb966/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f62656c6976656e2d69742f6c61726176656c2d6c6f636b6f75742f72756e2d74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666f722d7468652d6261646765266c6162656c436f6c6f723d32613263326526636f6c6f723d306662636364)](https://github.com/beliven-it/laravel-lockout/actions?query=workflow%3Arun-tests+branch%3Amain)[![GitHub Code Style Action Status](https://camo.githubusercontent.com/5186a2f405db25ad511de8ec802e0c3cb97520a5bed29fa10865ebf714c915f0/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f62656c6976656e2d69742f6c61726176656c2d6c6f636b6f75742f6669782d7068702d636f64652d7374796c652d6973737565732e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666f722d7468652d6261646765266c6162656c436f6c6f723d32613263326526636f6c6f723d306662636364)](https://github.com/beliven-it/laravel-lockout/actions?query=workflow%3A%22Fix+PHP+code+style+issues%22+branch%3Amain)[![Total Downloads](https://camo.githubusercontent.com/d0eae18dc246a1a3d777272233d98cfade2c206bd699fae68370c7e2f3ccdc02/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f62656c6976656e2d69742f6c61726176656c2d6c6f636b6f75742e7376673f7374796c653d666f722d7468652d6261646765266c6162656c436f6c6f723d32613263326526636f6c6f723d306662636364)](https://packagist.org/packages/beliven-it/laravel-lockout) A small, opinionated Laravel package that locks accounts after repeated failed login attempts. It provides both in-memory throttling (cache counters) and optional persistent locks stored in the database, plus unlock notifications via a temporary signed link. --- Quick Start (Usage) ------------------- [](#quick-start-usage) These steps get you from install to a working lockout flow in your app. 1. Install with Composer: ``` composer require beliven-it/laravel-lockout ``` 2. Publish configuration and migration stubs: ``` php artisan vendor:publish --tag="lockout-config" php artisan vendor:publish --tag="lockout-migrations" php artisan migrate ``` 3. Add the trait to your authentication model (e.g. `App\Models\User`) and implement the `LockableModel` contract: ``` use Beliven\Lockout\Traits\HasLockout; use Beliven\Lockout\Contracts\LockableModel; class User extends Authenticatable implements LockableModel { use HasLockout; } ``` 4. Protect your login route with the middleware: ``` use Beliven\Lockout\Http\Middleware\EnsureUserIsNotLocked; Route::post('/login', [LoginController::class, 'login']) ->middleware(EnsureUserIsNotLocked::class); ``` The package also expose an additional middleware for ensure that locked users cannot access to any routes: ``` use Beliven\Lockout\Http\Middleware\EnsureUserCannotAccessWhenLocked; Route::middleware([EnsureUserCannotAccessWhenLocked::class])->group(function () { // protected routes for authenticated users }); ``` 5. Scheduler (recommended) - The package includes a console command `lockout:prune` to remove old records according to the retention values in `config('lockout.prune')` (`prune.lockout_logs_days` and `prune.model_lockouts_days`). In production you should schedule this command to run regularly via Laravel's scheduler (and ensure your cron runs `schedule:run`). Example: register scheduled tasks in `routes/console.php` ```