When logging in with username or email in Laravel 5, what should I do if the verification code is displayed multiple times due to login errors?

Laravel's Auth defaults to logging in via email. How to change it to username or email to log in?
How to implement verification code when multiple login errors are displayed? (This is the YII2 method)
When logging in, you can log in with your username or email. When the username/email or password is incorrect three times, you will be asked to enter a verification code. How to achieve this?

Reply content:

Laravel's Auth defaults to logging in via email. How to change it to username or email to log in?
How to implement verification code when multiple login errors are displayed? (This is the YII2 method)
When logging in, you can log in with your username or email. When the username/email or password is incorrect three times, you will be asked to enter a verification code. How to achieve this?

Rewrite postLogin login function:

<code>/**
 * Handle a login request to the application.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\Response
 */
public function postLogin(Request $request)
{
    //获取表单的值
    $username = $request->input('username');
    $password = $request->input('password');
    $remeber = $request->input('remember');
    //判断是邮箱还是用户名登录
    $type = filter_var($username, FILTER_VALIDATE_EMAIL ) ? 'email' : 'username';

    //登录表单验证
    $validator = Validator::make($request->all(), [
        'username' => 'bail|required|min:5|max:30',
        'password' => 'bail|required|min:8|max:50',
    ]);

    //表单验证失败提示
    if ($validator->fails()) {
        $errors = $validator->errors()->all();
        if (count($errors) > 0) {
            Flash::error(implode('<br>', $errors));
        }
        return redirect('/login')
                    ->withInput();
    }

    //登录验证
    if ($type == 'email') {
        if (Auth::attempt(['email' => $username, 'password' => $password], $request->has('remember'))) {
            Flash('登录成功');
            return redirect()->intended($this->redirectPath());
        }
    } else if (Auth::attempt(['username' => $username, 'password' => $password], $request->has('remember'))) {
        Flash('登录成功');
        return redirect()->intended($this->redirectPath());
    } else {
        Flash(Lang::get('auth.failed'), 'error');
        return redirect('/login')
                    ->withInput();
    }
}</code>

The problem has not been completely solved, so I will hang it up for now.

After the client logs in, the click count parameter is submitted to the server. If it is unsuccessful, the response will include the value of the next login count to the client, and the server will record the session. By analogy, up to 3 times, the customer service side directly requests asynchronously to pull the verification code, and then fills in the login. Bring the login number parameter, and the server will judge the number of times. If it does not reach 3 times, there is no need to judge the verification code, and vice versa.