I wish to disable request throttling for users that are authenticated through the API.
Kernel:
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:240,1'
],
];
Throttle here will limit the requests to 240 per minute regardless of whether or not a user is authenticated.
How would it be possible to do this so it only throttles unauthenticated users?
You could pack all auth routes to one group and set throttle to unlimited or in your controller class constructor you can disable ThrottleRequests middleware.
Please check this thread: Disable rate limiter in Laravel?