Add at most 10 password reset requests per 5 minutes and IP range
@ -206,6 +206,7 @@ class LostController extends Controller {
/**
* @PublicPage
* @BruteForceProtection(action=passwordResetEmail)
* @AnonRateThrottle(limit=10, period=300)
*
* @param string $user
* @return JSONResponse
@ -31,7 +31,9 @@ OC.Lostpassword = {
user : $('#user').val()
},
OC.Lostpassword.sendLinkDone
);
).fail(function() {
OC.Lostpassword.sendLinkError(OC.Lostpassword.sendErrorMsg);
});
}