Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-04-15 03:01:37 -05:00
Code Issues Activity

Fix token refresh

Browse source 
no issue
- spam prevention causes token refresh to return an error
This commit is contained in:
Sebastian Gierlinger 2014-08-06 11:11:44 +02:00
parent 080e13f42d
commit b2e9d21018
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
core/server/middleware/middleware.js
View file

@ -143,8 +143,10 @@ var middleware = {
rateSigninPeriod = config.rateSigninPeriod || 3600,
rateSigninAttempts = config.rateSigninAttempts || 10;
if (req.body.username) {
if (req.body.username && req.body.grant_type === 'password') {
loginSecurity.push({ip: remoteAddress, time: currentTime, email: req.body.username});
} else if (req.body.grant_type === 'refresh_token') {
return next();
} else {
return next(new errors.BadRequestError('No username.'));
}