Merge pull request #2117 from nextcloud/master-add-bruteforce-check-to-person-endpoint

Add bruteforce checker to Person.php
This commit is contained in:
Roeland Jago Douma 2016-11-14 17:18:31 +01:00 committed by GitHub
commit 0e60b78378

View file

@ -31,10 +31,13 @@ class Person {
$login = isset($_POST['login']) ? $_POST['login'] : false;
$password = isset($_POST['password']) ? $_POST['password'] : false;
if($login && $password) {
$remoteIp = \OC::$server->getRequest()->getRemoteAddress();
\OC::$server->getBruteForceThrottler()->sleepDelay($remoteIp);
if(\OC_User::checkPassword($login, $password)) {
$xml['person']['personid'] = $login;
return new Result($xml);
} else {
\OC::$server->getBruteForceThrottler()->registerAttempt('login', $remoteIp);
return new Result(null, 102);
}
} else {