Add a rate-limit to the email-confirm endpoint

Shane Kilkelly 2018-09-11 10:31:27 +01:00
parent 6cfe68db26
commit efb6018246


@ -69,7 +69,6 @@ module.exports = class Router
webRouter.get '/logout', UserController.logout
webRouter.get '/restricted', AuthorizationMiddlewear.restricted
webRouter.get '/account-merge/email/confirm', AccountMergeEmailController.confirmMergeFromEmail
if Features.hasFeature('registration')
webRouter.get '/register', UserPagesController.registerPage
@ -345,6 +344,15 @@ module.exports = class Router
webRouter.post '/admin/messages', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.createMessage
webRouter.post '/admin/messages/clear', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.clearMessages
webRouter.get '/account-merge/email/confirm',
RateLimiterMiddlewear.rateLimit({
endpointName: "account-merge-email-confirm",
ipOnly: true,
maxRequests: 10
timeInterval: 60
}),
AccountMergeEmailController.confirmMergeFromEmail
privateApiRouter.get '/perfTest', (req,res)->
res.send("hello")
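Review bot: The limiter added on `/account-merge/email/confirm` is keyed with `ipOnly: true`, so the budget of `maxRequests: 10` per `timeInterval: 60` applies per client address rather than per token or account. That only holds if the app resolves the real client IP behind any reverse proxy (not visible in this hunk), and requests spread across many addresses are not bounded by it. Assuming the confirmation token is the only secret on this GET route, it is worth confirming that the token is long, single-use and expiring, so that this limit is defence in depth rather than the main control. As a style point, `maxRequests: 10` is the only entry in the options object without a trailing comma; CoffeeScript accepts that, but `maxRequests: 10,` would match the neighbouring lines. The Router class body starts and ends outside the hunk.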