From e111b4cc18a73662f5dbcd9c7e1fc380cca7d9a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Tue, 23 Dec 2025 15:42:14 +0100 Subject: [PATCH] Increase JWT abuse limit --- app/controllers/api/account.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index b28ff4602d..36311e8461 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -2955,7 +2955,8 @@ App::post('/v1/account/jwts') contentType: ContentType::JSON, )) ->param('duration', 900, new Range(0, 3600), 'Time in seconds before JWT expires. Default duration is 900 seconds, and maximum is 3600 seconds.', true) - ->label('abuse-limit', 100) + ->label('abuse-limit', APP_LIMIT_WRITE_RATE_DEFAULT * 2) + ->label('abuse-time', APP_LIMIT_WRITE_RATE_PERIOD_DEFAULT) ->label('abuse-key', 'url:{url},userId:{userId}') ->inject('response') ->inject('user')