X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmongooseim%2Fmongoose_im_controller.ex;h=04d823b362a7d807972340330c702f628f9102c9;hb=4e81b4b190161ebb0c496c682fa8e1e0c38a3903;hp=f8c634653f8dc21815e1e6e2a2e6eb5f1e1a7aa1;hpb=f959bf7aa6b878ee5b669c4caabd5cdc4cc2dc9e;p=akkoma
diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
index f8c634653..04d823b36 100644
--- a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
+++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
@@ -1,12 +1,17 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
use Pleroma.Web, :controller
+
alias Comeonin.Pbkdf2
- alias Pleroma.User
+ alias Pleroma.Plugs.RateLimiter
alias Pleroma.Repo
+ alias Pleroma.User
+
+ plug(RateLimiter, [name: :authentication] when action in [:user_exists, :check_password])
+ plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password)
def user_exists(conn, %{"user" => username}) do
with %User{} <- Repo.get_by(User, nickname: username, local: true) do
@@ -29,7 +34,7 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
else
false ->
conn
- |> put_status(403)
+ |> put_status(:forbidden)
|> json(false)
_ ->