idp oidc: use min() to cap login retry timeout (#87442)
gitea/authentic/pipeline/head This commit looks good
Details
gitea/authentic/pipeline/head This commit looks good
Details
This commit is contained in:
parent
0c77d67608
commit
7d6601c870
|
@ -697,8 +697,7 @@ def idtoken_from_user_credential(request):
|
|||
backoff_keys = (username, client.client_id)
|
||||
|
||||
seconds_to_wait = exponential_backoff.seconds_to_wait(*backoff_keys)
|
||||
if seconds_to_wait > a2_app_settings.A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_MAX_DURATION:
|
||||
seconds_to_wait = a2_app_settings.A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_MAX_DURATION
|
||||
seconds_to_wait = min(seconds_to_wait, a2_app_settings.A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_MAX_DURATION)
|
||||
if seconds_to_wait:
|
||||
raise InvalidRequest(
|
||||
_('Too many attempts with erroneous RO password, you must wait %s seconds to try again.')
|
||||
|
|
Loading…
Reference in New Issue