From 288fe38590788fb737eb4280309846c76c51e7c3 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 31 Aug 2018 11:44:07 +0200 Subject: Use custom rate limiter when asking verif email --- server/controllers/api/users/index.ts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'server/controllers/api/users') diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 008c34ca4..01ee73a53 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts @@ -42,6 +42,12 @@ const loginRateLimiter = new RateLimit({ delayMs: 0 }) +const askSendEmailLimiter = new RateLimit({ + windowMs: RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, + max: RATES_LIMIT.ASK_SEND_EMAIL.MAX, + delayMs: 0 +}) + const usersRouter = express.Router() usersRouter.use('/', meRouter) @@ -114,7 +120,7 @@ usersRouter.post('/:id/reset-password', ) usersRouter.post('/ask-send-verify-email', - loginRateLimiter, + askSendEmailLimiter, asyncMiddleware(usersAskSendVerifyEmailValidator), asyncMiddleware(askSendVerifyUserEmail) ) -- cgit v1.2.3