Ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-21 18:01:36 +03:00

History

Fabien 'egg' O'Carroll 1af2b50dcf Added userAuth brute middleware to members auth endpoint (#13152 ) refs https://github.com/TryGhost/Team/issues/696 The userAuth spam prevention logic is reused, but a new piece of middleware has to be created so that we can use a custom lookup key to conatin the member email. We must also add json parsing middleware to the route so that the brute middleware can read the email. The express body-parser middleware handles multiple instances on the same route, so this doesn't cause problems upstream. https://github.com/expressjs/body-parser/blob/1.19.0/lib/types/json.js#L99-L103	2021-07-19 09:40:38 +01:00
..
app.js	Added userAuth brute middleware to members auth endpoint (#13152 )	2021-07-19 09:40:38 +01:00
index.js	Moved members routing+mw into its own app	2020-04-30 13:03:27 +01:00

Fabien 'egg' O'Carroll 1af2b50dcf

Added userAuth brute middleware to members auth endpoint (#13152 )

refs https://github.com/TryGhost/Team/issues/696

The userAuth spam prevention logic is reused, but a new piece of
middleware has to be created so that we can use a custom lookup key to
conatin the member email.

We must also add json parsing middleware to the route so that the brute
middleware can read the email.

The express body-parser middleware handles multiple instances on the
same route, so this doesn't cause problems upstream.

https://github.com/expressjs/body-parser/blob/1.19.0/lib/types/json.js#L99-L103

2021-07-19 09:40:38 +01:00

app.js

Added userAuth brute middleware to members auth endpoint (#13152 )

2021-07-19 09:40:38 +01:00

index.js

Moved members routing+mw into its own app

2020-04-30 13:03:27 +01:00