I use FOSRestBundle in Symfony 4 and I want to secure my Login Form using this.
I want to set up a limited number of connection attempts on the login form (5 maximum for 15 minutes, then 30 minutes then 1 hour)
I have search and i have found this link
https://blog.netinfluence.ch/2019/04/18/limiter-le-nombre-de-tentatives-de-connexions-sous-symfony/
But in this link it is implemented only if symfony guard is used to implement the login system. Thank you for you help !
Create new entity with ip, failedCount nad lastModified (as time). Whenever someone type wrong credentials insert or update it into new table with increased failedCount. Add logic depended on ip, failedCount and lastModified.
OR
Use google captcha :P