From c3a6874b1619c7228f906feae80e051611ff517c Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Tue, 6 Dec 2022 20:42:40 -0800
Subject: [PATCH] Add throttle for password reset form

Signed-off-by: snipe <snipe@snipe.net>
---
 app/Http/Controllers/Auth/ResetPasswordController.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php
index 1405a49b83..e7a0fb1af8 100644
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -41,6 +41,7 @@ class ResetPasswordController extends Controller
     public function __construct()
     {
         $this->middleware('guest');
+        $this->middleware('throttle:10,1');
     }
 
     protected function rules()
@@ -116,7 +117,7 @@ class ResetPasswordController extends Controller
             }
 
             \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
-            return redirect()->back()->withInput($request->only('email'))->with('error', trans('passwords.token'));
+            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));
 
         }