mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
5f2718cf29
* Replace `LoginRateLimiter.processLoginRequest` call by use of `RateLimiterMiddleware` * Lowercase the email to avoid rate-limit bypass * Remove unit test "when the users rate limit" * Use `EmailHelper.parseEmail` to normalize email in `processLoginRequest` This should address the `trim()` bypass * Use `.trim().toLowerCase()` instead of `EmailHelper.parseEmail` We can't use `EmailHelper.parseEmail`, else it breaks the test (and feature): "with username that does not look like an email" * Add acceptance test for rate limit * Add comment on rate limits * Rename `rateLimiter` to `rateLimiterLoginEmail` for clarity * Make the login rate limits configurable from the settings GitOrigin-RevId: cf1c3a416745f2b007c85014a5084570d4a049a7 |
||
---|---|---|
.. | ||
src | ||
templates | ||
views |