Add rate limit to TOTP solve challenge controller

Fixes https://github.com/nextcloud/server/issues/2626 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
author: Lukas Reschke <lukas@statuscode.ch> 2017-04-22 07:59:40 +0200
committer: Lukas Reschke <lukas@statuscode.ch> 2017-04-22 07:59:40 +0200
commit: c1b8f152d8faeabe44c6276033c82d2c6453326d (patch)
tree: d8c81c6f4212c32a4c23827b2aaec8b80bd96cea /core/Controller/TwoFactorChallengeController.php
parent: 363d1c69dda472c76cf258e1fcd77d5765671e2b (diff)
download: nextcloud-server-c1b8f152d8faeabe44c6276033c82d2c6453326d.tar.gz
nextcloud-server-c1b8f152d8faeabe44c6276033c82d2c6453326d.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php
index fd4811d3ff6..9f379ad30d7 100644
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@@ -143,6 +143,8 @@ class TwoFactorChallengeController extends Controller {
 	 * @NoCSRFRequired
 	 * @UseSession
 	 *
+	 * @UserRateThrottle(limit=5, period=100)
+	 *
 	 * @param string $challengeProviderId
 	 * @param string $challenge
 	 * @param string $redirect_url
author	Lukas Reschke <lukas@statuscode.ch>	2017-04-22 07:59:40 +0200
committer	Lukas Reschke <lukas@statuscode.ch>	2017-04-22 07:59:40 +0200
commit	c1b8f152d8faeabe44c6276033c82d2c6453326d (patch)
tree	d8c81c6f4212c32a4c23827b2aaec8b80bd96cea /core/Controller/TwoFactorChallengeController.php
parent	363d1c69dda472c76cf258e1fcd77d5765671e2b (diff)
download	nextcloud-server-c1b8f152d8faeabe44c6276033c82d2c6453326d.tar.gz nextcloud-server-c1b8f152d8faeabe44c6276033c82d2c6453326d.zip