daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-28 14:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7863 from nextcloud/time-punish-failed-logins

Browse Source 
aio-interface: Punish failed login attempts with a delay
This commit is contained in:
Simon L.
2026-04-09 14:35:22 +02:00
committed by GitHub
parent 11fcb7d25e b67b3bbe15
commit e563102339
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
php/src/Controller/LoginController.php
View File

@@ -28,6 +28,9 @@ readonly class LoginController {
return $response->withHeader('Location', '.')->withStatus(201);
}
// Punish failed auth attempts with a delay, as a very simple means against bots.
sleep(5);
$response->getBody()->write("The password is incorrect.");
return $response->withHeader('Location', '.')->withStatus(422);
}
@@ -39,6 +42,9 @@ readonly class LoginController {
return $response->withHeader('Location', '../..')->withStatus(302);
}
// Punish failed auth attempts with a delay, as a very simple means against bots.
sleep(5);
return $response->withHeader('Location', '../..')->withStatus(302);
}