agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-27 19:11:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add a rate-limit to the email-confirm endpoint

Browse Source
This commit is contained in:
Shane Kilkelly
2018-09-11 10:31:27 +01:00
parent 6cfe68db26
commit efb6018246
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
services/web/app/coffee/router.coffee
View File

@@ -69,7 +69,6 @@ module.exports = class Router
webRouter.get '/logout', UserController.logout
webRouter.get '/restricted', AuthorizationMiddlewear.restricted
webRouter.get '/account-merge/email/confirm', AccountMergeEmailController.confirmMergeFromEmail
if Features.hasFeature('registration')
webRouter.get '/register', UserPagesController.registerPage
@@ -345,6 +344,15 @@ module.exports = class Router
webRouter.post '/admin/messages', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.createMessage
webRouter.post '/admin/messages/clear', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.clearMessages
webRouter.get '/account-merge/email/confirm',
RateLimiterMiddlewear.rateLimit({
endpointName: "account-merge-email-confirm",
ipOnly: true,
maxRequests: 10
timeInterval: 60
}),
AccountMergeEmailController.confirmMergeFromEmail
privateApiRouter.get '/perfTest', (req,res)->
res.send("hello")