From a4c1275764062230e3ae16226ed019c88cbf5755 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Mon, 10 Jun 2024 18:09:30 +1200 Subject: [PATCH] Add abuse limit for update password --- app/controllers/api/account.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 9461af661b..9d0b60dbaf 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -2524,6 +2524,7 @@ App::patch('/v1/account/password') ->label('sdk.response.model', Response::MODEL_USER) ->label('sdk.offline.model', '/account') ->label('sdk.offline.key', 'current') + ->label('abuse-limit', 10) ->param('password', '', fn ($project, $passwordsDictionary) => new PasswordDictionary($passwordsDictionary, $project->getAttribute('auths', [])['passwordDictionary'] ?? false), 'New user password. Must be at least 8 chars.', false, ['project', 'passwordsDictionary']) ->param('oldPassword', '', new Password(), 'Current user password. Must be at least 8 chars.', true) ->inject('requestTimestamp')