fix: update logic for removing token from limiter
This commit is contained in:
parent
958f01262b
commit
7a5042176e
@ -88,9 +88,7 @@ router.post("/", async (req, res) => {
|
||||
|
||||
// Note: successful logins should not count against the RateLimiter
|
||||
// which is why this logic must come after the successful login logic
|
||||
if (!limiter.removeToken()) {
|
||||
throw new Error("Login rate limited!")
|
||||
}
|
||||
limiter.removeToken()
|
||||
|
||||
console.error(
|
||||
"Failed login attempt",
|
||||
|
Reference in New Issue
Block a user