Reset BFP for sudo action

Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
author: Marcel Müller <marcel-mueller@gmx.de> 2023-10-28 18:36:43 +0200
committer: Marcel Müller <marcel-mueller@gmx.de> 2023-10-28 18:36:43 +0200
commit: c2393fb7123910eedfcf828eef6ce37ec2c1799f (patch)
tree: b87ac6e1e48f0f371e3859d44408db49323db278 /core
parent: d56b1c28bab3daa3425d3ea552e34b0e607f08a3 (diff)
download: nextcloud-server-c2393fb7123910eedfcf828eef6ce37ec2c1799f.tar.gz
nextcloud-server-c2393fb7123910eedfcf828eef6ce37ec2c1799f.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index af43f2d4c4a..39ffcc81ac1 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -360,12 +360,13 @@ class LoginController extends Controller {
 		$loginResult = $this->userManager->checkPassword($loginName, $password);
 		if ($loginResult === false) {
 			$response = new DataResponse([], Http::STATUS_FORBIDDEN);
-			$response->throttle();
+			$response->throttle(['loginName' => $loginName]);
 			return $response;
 		}
 
 		$confirmTimestamp = time();
 		$this->session->set('last-password-confirm', $confirmTimestamp);
+		$this->throttler->resetDelay($this->request->getRemoteAddress(), 'sudo', ['loginName' => $loginName]);
 		return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK);
 	}
 }
author	Marcel Müller <marcel-mueller@gmx.de>	2023-10-28 18:36:43 +0200
committer	Marcel Müller <marcel-mueller@gmx.de>	2023-10-28 18:36:43 +0200
commit	c2393fb7123910eedfcf828eef6ce37ec2c1799f (patch)
tree	b87ac6e1e48f0f371e3859d44408db49323db278 /core
parent	d56b1c28bab3daa3425d3ea552e34b0e607f08a3 (diff)
download	nextcloud-server-c2393fb7123910eedfcf828eef6ce37ec2c1799f.tar.gz nextcloud-server-c2393fb7123910eedfcf828eef6ce37ec2c1799f.zip