Auth-Attempts Timeout

Question

Closed this issue 6 years ago · 1 comments

Modify the abuseDetected function in auth-attempts to count within a certain time period.
Use Config.get('/authAttempts/hours'); to get the number of hours the account will be locked for.
Add hours to authAttempts in config.js

authAttempts: {
    forIp: 50,
    forIpAndUser: 7,
    hours: 1
  }

Answer 1 · 2018-08-16T18:21:32.000Z

Closing in #186