diff options
| author | Joas Schilling <213943+nickvergessen@users.noreply.github.com> | 2023-10-30 14:27:36 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-10-30 14:27:36 +0100 |
| commit | f72ec9e2466388b875f5fe1d41df82006e970261 (patch) | |
| tree | b72aad80444b368b5538ac0a658d6e65f815e579 | |
| parent | d0db4d6ecf69fee46da7be513310425fb94c165c (diff) | |
| parent | c2393fb7123910eedfcf828eef6ce37ec2c1799f (diff) | |
| download | nextcloud-server-f72ec9e2466388b875f5fe1d41df82006e970261.tar.gz nextcloud-server-f72ec9e2466388b875f5fe1d41df82006e970261.zip | |
Merge pull request #41177 from nextcloud/fix/noid/reset-bfp-on-sudo-action
Reset BFP for sudo action
| -rw-r--r-- | core/Controller/LoginController.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index af43f2d4c4a..39ffcc81ac1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -360,12 +360,13 @@ class LoginController extends Controller { $loginResult = $this->userManager->checkPassword($loginName, $password); if ($loginResult === false) { $response = new DataResponse([], Http::STATUS_FORBIDDEN); - $response->throttle(); + $response->throttle(['loginName' => $loginName]); return $response; } $confirmTimestamp = time(); $this->session->set('last-password-confirm', $confirmTimestamp); + $this->throttler->resetDelay($this->request->getRemoteAddress(), 'sudo', ['loginName' => $loginName]); return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK); } } |