From 288fe38590788fb737eb4280309846c76c51e7c3 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Fri, 31 Aug 2018 11:44:07 +0200
Subject: Use custom rate limiter when asking verif email

---
 server/controllers/api/users/index.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'server/controllers/api/users/index.ts')

diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index 008c34ca4..01ee73a53 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -42,6 +42,12 @@ const loginRateLimiter = new RateLimit({
   delayMs: 0
 })
 
+const askSendEmailLimiter = new RateLimit({
+  windowMs: RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS,
+  max: RATES_LIMIT.ASK_SEND_EMAIL.MAX,
+  delayMs: 0
+})
+
 const usersRouter = express.Router()
 usersRouter.use('/', meRouter)
 
@@ -114,7 +120,7 @@ usersRouter.post('/:id/reset-password',
 )
 
 usersRouter.post('/ask-send-verify-email',
-  loginRateLimiter,
+  askSendEmailLimiter,
   asyncMiddleware(usersAskSendVerifyEmailValidator),
   asyncMiddleware(askSendVerifyUserEmail)
 )
-- 
cgit v1.2.3