Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-03 11:56:01 +01:00
Code Issues Packages Projects Releases Activity

Rate limit the /auth/login route of ETAPI

Browse Source
This commit is contained in:
DynamoFox
2022-08-22 11:50:58 +02:00
parent 9ce0421ae7
commit b965f77f4a
4 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/etapi/auth.js
View File

@@ -3,8 +3,8 @@ const eu = require("./etapi_utils");
const passwordEncryptionService = require("../services/password_encryption");
const etapiTokenService = require("../services/etapi_tokens");
function register(router) {
eu.NOT_AUTHENTICATED_ROUTE(router, 'post', '/etapi/auth/login', (req, res, next) => {
function register(router, loginMiddleware) {
eu.NOT_AUTHENTICATED_ROUTE(router, 'post', '/etapi/auth/login', loginMiddleware, (req, res, next) => {
const {password, tokenName} = req.body;
if (!passwordEncryptionService.verifyPassword(password)) {