DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-12-26 06:04:08 -08:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity

Merge pull request #12221 from snipe/fixes/throttles_reset_password_form

Browse source 
Add throttle for password reset form
This commit is contained in:
snipe 2022-12-08 14:51:22 -08:00 committed by GitHub
parent bc2a455a89 c3a6874b16
commit 775df0ab60
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
app/Http/Controllers/Auth/ResetPasswordController.php
View file

@ -41,6 +41,7 @@ class ResetPasswordController extends Controller
public function __construct() public function __construct()
{ {
$this->middleware('guest'); $this->middleware('guest');
$this->middleware('throttle:10,1');
} }
protected function rules() protected function rules()
@ -116,7 +117,7 @@ class ResetPasswordController extends Controller
} }
\Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid'); \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
return redirect()->back()->withInput($request->only('email'))->with('error', trans('passwords.token')); return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));
} }