Merge pull request 'move selfservice magic link endpoint to 15min rate limit' (#200 ) from feature/runner-selfservice-login-link-rate-limit into dev

Reviewed-on: #200
move to 15min limit
2023-02-03 15:09:34 +00:00 · 2023-02-03 14:12:28 +01:00
1 changed files with 2 additions and 2 deletions
--- a/src/controllers/RunnerSelfServiceController.ts
+++ b/src/controllers/RunnerSelfServiceController.ts
@ -119,7 +119,7 @@ export class RunnerSelfServiceController {
 	@Post('/runners/login')
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
 	@OnUndefined(ResponseEmpty)
-	@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice magic-login-link to be sent to your mail address (rate limited to one mail every 24hrs).' })
+	@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice magic-login-link to be sent to your mail address (rate limited to one mail every 15mins).' })
 	async requestNewToken(@QueryParam('mail') mail: string, @QueryParam("locale") locale: string = "en") {
 		if (!mail) {
 			throw new RunnerNotFoundError();
@ -127,7 +127,7 @@ export class RunnerSelfServiceController {
 		const runner = await this.runnerRepository.findOne({ email: mail });
 		if (!runner) { throw new RunnerNotFoundError(); }

-		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 60 * 24)) { throw new RunnerSelfserviceTimeoutError(); }
+		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 15)) { throw new RunnerSelfserviceTimeoutError(); }
 		const token = JwtCreator.createSelfService(runner);

 		try {
Author	SHA1	Message	Date
Philipp Dormann	39f3b0e01f	Merge pull request 'move selfservice magic link endpoint to 15min rate limit' (#200 ) from feature/runner-selfservice-login-link-rate-limit into dev All checks were successful continuous-integration/drone/push Build is passing Details Reviewed-on: #200	2023-02-03 15:09:34 +00:00
Philipp Dormann	edaf255e8f	move to 15min limit All checks were successful continuous-integration/drone/pr Build is passing Details	2023-02-03 14:12:28 +01:00