Ghost/core/server/web/api/v2/admin
Fabien O'Carroll ae71f2deca Added spam prevention for v2 sessions (#10030)
no-issue

- Added spam prevention to POST /session
  - This blocks repeated requests the the /session endpoint preventing brute
force password attacks
- Updated session controller to reset brute middleware
  - This updates the session controller to reset the brute force protection
on a successful login. This is required so that a user is not locked out
forever :o!!
2018-10-18 09:58:29 +01:00
..
app.js Optimised web/ debug logs 2018-10-04 17:43:08 +02:00
middleware.js Wired up {GET,POST,DELETE} /session to v2 admin api 2018-10-05 17:45:17 +07:00
routes.js Added spam prevention for v2 sessions (#10030) 2018-10-18 09:58:29 +01:00