tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add POST /api/v1/emails/confirmations to REST API (#15816)

Browse Source 
Only available to the application the user originally signed-up with
This commit is contained in:
Eugen Rochko
2021-03-01 18:39:47 +01:00
committed by GitHub
parent 287aa75f2e
commit ee1119208c
3 changed files with 27 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
config/initializers/rack_attack.rb
View File

@ -94,11 +94,15 @@ class Rack::Attack
end
throttle('throttle_email_confirmations/ip', limit: 25, period: 5.minutes) do |req|
req.remote_ip if req.post? && req.path == '/auth/confirmation'
req.remote_ip if req.post? && %w(/auth/confirmation /api/v1/emails/confirmations).include?(req.path)
end
throttle('throttle_email_confirmations/email', limit: 5, period: 30.minutes) do |req|
req.params.dig('user', 'email').presence if req.post? && req.path == '/auth/password'
if req.post? && req.path == '/auth/password'
req.params.dig('user', 'email').presence
elsif req.post? && req.path == '/api/v1/emails/confirmations'
req.authenticated_user_id
end
end
throttle('throttle_login_attempts/ip', limit: 25, period: 5.minutes) do |req|