diff --git a/api/src/routes/login.ts b/api/src/routes/login.ts index 526a2b1..fa2d26d 100644 --- a/api/src/routes/login.ts +++ b/api/src/routes/login.ts @@ -28,7 +28,7 @@ const beginRatelimiter = new RateLimiter('/login/begin', { limit: 10, timeframe: const completeRatelimiter = new RateLimiter('/login/complete', { limit: 5, timeframe: 30 }); app.post('/login/begin', - (...args) => beginRatelimiter.execute(...args), + (_args) => beginRatelimiter.middleware(), requireAuth({ noAuthOnly: true }), async (req: Request, res: Response) => { if (typeof await isAuthenticated(req) == 'string') return res.status(403).send({ error: 'You are already authenticated' }); @@ -40,14 +40,14 @@ app.post('/login/begin', }); app.post('/login/complete', - (...args) => completeRatelimiter.execute(...args), + (_args) => completeRatelimiter.middleware(), requireAuth({ noAuthOnly: true }), async (req: Request, res: Response) => { const body = req.body as CompleteReqBody; if ((!body.user || typeof body.user != 'string') || (!body.nonce || typeof body.nonce != 'string') || (!body.code || typeof body.code != 'string')) return badRequest(res); - + const loginAttempt = await pendingLoginsCollection.findOne({ code: body.code, user: body.user,