Add at most 10 password reset requests per 5 minutes and IP range
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
parent
363d1c69dd
commit
d0d34d308a
2 changed files with 4 additions and 1 deletions
|
@ -206,6 +206,7 @@ class LostController extends Controller {
|
|||
/**
|
||||
* @PublicPage
|
||||
* @BruteForceProtection(action=passwordResetEmail)
|
||||
* @AnonRateThrottle(limit=10, period=300)
|
||||
*
|
||||
* @param string $user
|
||||
* @return JSONResponse
|
||||
|
|
|
@ -31,7 +31,9 @@ OC.Lostpassword = {
|
|||
user : $('#user').val()
|
||||
},
|
||||
OC.Lostpassword.sendLinkDone
|
||||
);
|
||||
).fail(function() {
|
||||
OC.Lostpassword.sendLinkError(OC.Lostpassword.sendErrorMsg);
|
||||
});
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
Loading…
Reference in a new issue