Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 19:46:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

added artificial delay on reset route so that the heat death of the universe will arrive before you manage to identify a valid reset code

Browse Source
This commit is contained in:
Julian Lam
2017-08-16 12:51:02 -04:00
parent 12e50b9ae2
commit 6ec1bfd660
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/middleware/index.js
View File

@@ -181,3 +181,8 @@ middleware.processTimeagoLocales = function (req, res, next) {
}, },
], next); ], next);
}; };
middleware.delayLoading = function (req, res, next) {
// Introduces an artificial delay during load so that brute force attacks are effectively mitigated
setTimeout(next, 1000);
};

2
src/routes/index.js
View File

@@ -32,7 +32,7 @@ function mainRoutes(app, middleware, controllers) {
setupPageRoute(app, '/confirm/:code', middleware, [], controllers.confirmEmail); setupPageRoute(app, '/confirm/:code', middleware, [], controllers.confirmEmail);
setupPageRoute(app, '/outgoing', middleware, [], controllers.outgoing); setupPageRoute(app, '/outgoing', middleware, [], controllers.outgoing);
setupPageRoute(app, '/search', middleware, [], controllers.search.search); setupPageRoute(app, '/search', middleware, [], controllers.search.search);
setupPageRoute(app, '/reset/:code?', middleware, [], controllers.reset); setupPageRoute(app, '/reset/:code?', middleware, [middleware.delayLoading], controllers.reset);
setupPageRoute(app, '/tos', middleware, [], controllers.termsOfUse); setupPageRoute(app, '/tos', middleware, [], controllers.termsOfUse);
} }