enhance: replace signin CAPTCHA with rate limit (#8740)
* enhance: rate limit works without signed in user * fix: make limit key required for limiter As before the fallback limiter key will be set from the endpoint name. * enhance: use limiter for signin * Revert "CAPTCHA求めるのは2fa認証が無効になっているときだけにした" This reverts commit02a43a310f. * Revert "feat: make captcha required when signin to improve security" This reverts commitb21b058005. * fix undefined reference * fix: better error message * enhance: only handle prefix of IPv6
This commit is contained in:
Johann150
GitHub
parent
cec3dcec8a
commit
161659de5c
7 changed files with 75 additions and 57 deletions
|
|
@ -27,6 +27,8 @@ You should also include the user name that made the change.
|
|||
Your own theme color may be unset if it was in an invalid format.
|
||||
Admins should check their instance settings if in doubt.
|
||||
- Perform port diagnosis at startup only when Listen fails @mei23
|
||||
- Rate limiting is now also usable for non-authenticated users. @Johann150
|
||||
Admins should make sure the reverse proxy sets the `X-Forwarded-For` header to the original address.
|
||||
|
||||
### Bugfixes
|
||||
- Client: fix settings page @tamaina
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue