Homestyx hydra
Diffusion hydra 80294e7a4ad1

Add a rate limit to generating new account recovery links for a given account
80294e7a4ad1
Actions

Description

Add a rate limit to generating new account recovery links for a given account

Summary:
Depends on D20665. Ref T13343. We support CAPTCHAs on the "Forgot password?" flow, but not everyone configures them (or necessarily should, since ReCAPTCHA is a huge external dependency run by Google that requires you allow Google to execute JS on your domain) and the rate at which any reasonable user needs to take this action is very low.

Put a limit on the rate at which account recovery links may be generated for a particular account, so the worst case is a trickle of annoyance rather than a flood of nonsense.

Test Plan: {F6607794}

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13343

Differential Revision: https://secure.phabricator.com/D20666

Details

Provenance
epriestleyAuthored on Jul 19 2019, 12:38 PM
sirocylPushed on Oct 16 2024, 5:49 AM
Parents
R1:ced416cc735a: Allow Auth messages to have detailed descriptions and default values, then give…
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (3)

PathSize
src/
applications/
auth/
action/
people/
mail/

R1:80294e7a4ad1

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/action/PhabricatorAuthEmailLoginAction.php

Loading...
View Options

src/applications/people/mail/PhabricatorPeopleEmailLoginMailEngine.php

Loading...
styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)