laravel, laravel-passport, rate-limiting

How to configure Laravel Passport's '/oauth/token' rate limit?


I would like to be able to configure the throttle that is placed on Laravel Passport's oauth/token endpoint.

I've tracked it down to the RouteRegistrar.php file where the endpoint is registered:

        $this->router->post('/token', [
            'uses' => 'AccessTokenController@issueToken',
            'as' => 'passport.token',
            'middleware' => 'throttle',
        ]);

Can the rate of this throttle be set somewhere without having to fork the Passport package?


Solution

  • Adding the following code while registering routes for Passport in the boot function of App\Providers\AuthServiceProvider will set the throttle limit to 100 requests per minute. throttle:100,1 can be changed to increase or decrease the throttle to the desired limit. This actually registers the route before the default RouteRegistrar tries to register all Passport routes in RouteRegistrar.php.

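        // Goes in App\Providers\AuthServiceProvider::boot(); the file needs
        // `use Laravel\Passport\Passport;` and `use Illuminate\Support\Facades\Route;`.
        Passport::routes(
            function($routeRegistrar){
                // Register Passport's default routes.
                $routeRegistrar->all();
                // Register POST /token with an explicit limit: 100 requests per 1 minute.
                Route::post('/token', [
                    'uses' => 'AccessTokenController@issueToken',
                    'middleware' => 'throttle:100,1',
                ]);
            }
        );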
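
A feature test that checks the limit configured above is the one actually enforced on `/oauth/token`; this is an added example, not part of the original answer or of Passport. It assumes the stock Laravel skeleton's `Tests\TestCase`, Passport installed, the route registration above in place, and a hypothetical class name `TokenThrottleTest`.

```php
<?php

namespace Tests\Feature;

use Tests\TestCase;

// Added example (hypothetical test class). LIMIT must match the first
// parameter of the 'throttle:100,1' middleware string used above.
class TokenThrottleTest extends TestCase
{
    private const LIMIT = 100;

    public function test_token_endpoint_enforces_configured_limit()
    {
        // Constructed, deliberately invalid request body: no token is ever
        // issued, but every request still counts against the throttle.
        $payload = ['grant_type' => 'invalid-grant-for-test'];

        // The first LIMIT requests must reach the controller. Whatever error
        // it returns for the bad grant type, it must not be 429.
        for ($i = 1; $i <= self::LIMIT; $i++) {
            $response = $this->postJson('/oauth/token', $payload);
            $this->assertNotSame(
                429,
                $response->getStatusCode(),
                "Throttled early, at request {$i}"
            );
        }

        // The next request in the same window must be rejected by the
        // throttle middleware, with a Retry-After header for the client.
        $blocked = $this->postJson('/oauth/token', $payload);
        $blocked->assertStatus(429);
        $blocked->assertHeader('Retry-After');
    }
}
```

If the loop fails before request 100, or request 101 is not a 429, a different throttle definition is winning for this route.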