Fixes bugs in login ratelimiting

2025-04-14 19:36:07 +03:00 · 2025-04-14 19:36:07 +03:00 · 1c2c1a76fa
parent 8d64bf7c6e
commit 1c2c1a76fa
3 changed files with 2 additions and 8 deletions
--- a/app/classes/user.php
+++ b/app/classes/user.php
@ -104,9 +104,6 @@ class User {
        require_once __DIR__ . '/../helpers/logs.php';
        $ipAddress = getUserIP();

-        // Record attempt
-        $this->rateLimiter->attempt($username, $ipAddress);
-
        // Check rate limiting first
        if (!$this->rateLimiter->isAllowed($username, $ipAddress)) {
            $remainingTime = $this->rateLimiter->getDecayMinutes();
--- a/app/pages/login.php
+++ b/app/pages/login.php
@ -224,9 +224,6 @@ try {
                if ($rateLimiter->tooManyAttempts($username, $user_IP)) {
                    throw new Exception(Feedback::get('LOGIN', 'TOO_MANY_ATTEMPTS')['message']);
                }
-
-                // Record this attempt before trying to login
-                $rateLimiter->attempt($username, $user_IP, false);
            }

            // Attempt login