lfk
/
backend
2
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 40 Wiki Activity

move selfservice magic link endpoint to 15min rate limit #200

Merged
philipp merged 1 commits from feature/runner-selfservice-login-link-rate-limit into dev 2023-02-03 15:09:34 +00:00
Conversation 0 Commits 1 Files Changed 1 +2 -2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/controllers/RunnerSelfServiceController.ts
View File

@ -119,7 +119,7 @@ export class RunnerSelfServiceController {
@Post('/runners/login')
@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
@OnUndefined(ResponseEmpty)
@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice magic-login-link to be sent to your mail address (rate limited to one mail every 24hrs).' })
@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice magic-login-link to be sent to your mail address (rate limited to one mail every 15mins).' })
async requestNewToken(@QueryParam('mail') mail: string, @QueryParam("locale") locale: string = "en") {
if (!mail) {
throw new RunnerNotFoundError();
@ -127,7 +127,7 @@ export class RunnerSelfServiceController {
const runner = await this.runnerRepository.findOne({ email: mail });
if (!runner) { throw new RunnerNotFoundError(); }
if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 60 * 24)) { throw new RunnerSelfserviceTimeoutError(); }
if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 15)) { throw new RunnerSelfserviceTimeoutError(); }
const token = JwtCreator.createSelfService(runner);
try {