diff options
| author | Frederic Guillot <fred@kanboard.net> | 2015-08-01 12:14:22 -0400 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2015-08-01 12:14:22 -0400 |
| commit | db88a00d48d1dce48b8700e460c06ff7fb344f0a (patch) | |
| tree | cdb089f5aadcbd22aa63612d4d50bbe63fcbe112 /app/Api/Auth.php | |
| parent | db69d5c429cf747e72c4ded26f3821e7f688bc13 (diff) | |
Add bruteforce protection
Diffstat (limited to 'app/Api/Auth.php')
| -rw-r--r-- | app/Api/Auth.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/Api/Auth.php b/app/Api/Auth.php index 9d401746..18fe9ff9 100644 --- a/app/Api/Auth.php +++ b/app/Api/Auth.php @@ -26,7 +26,7 @@ class Auth extends Base { $this->container['dispatcher']->dispatch('api.bootstrap', new Event); - if ($username !== 'jsonrpc' && $this->authentication->authenticate($username, $password)) { + if ($username !== 'jsonrpc' && ! $this->authentication->hasCaptcha($username) && $this->authentication->authenticate($username, $password)) { $this->checkProcedurePermission(true, $method); $this->userSession->refresh($this->user->getByUsername($username)); } |