|
|
@@ -62,10 +62,10 @@ module.exports = function(crowi, app) {
|
|
|
app.get('/login/error/:reason' , applicationInstalled, login.error);
|
|
|
app.get('/login' , applicationInstalled, login.preLogin, login.login);
|
|
|
app.get('/login/invited' , applicationInstalled, login.invited);
|
|
|
- app.post('/login/activateInvited' , applicationInstalled, loginFormValidator.inviteRules(), loginFormValidator.inviteValidation, csrf, login.invited);
|
|
|
+ app.post('/login/activateInvited' , apiLimiter , applicationInstalled, loginFormValidator.inviteRules(), loginFormValidator.inviteValidation, csrf, login.invited);
|
|
|
app.post('/login' , apiLimiter , applicationInstalled, loginFormValidator.loginRules(), loginFormValidator.loginValidation, csrf, loginPassport.loginWithLocal, loginPassport.loginWithLdap, loginPassport.loginFailure);
|
|
|
|
|
|
- app.post('/register' , applicationInstalled, registerFormValidator.registerRules(), registerFormValidator.registerValidation, csrf, login.register);
|
|
|
+ app.post('/register' , apiLimiter , applicationInstalled, registerFormValidator.registerRules(), registerFormValidator.registerValidation, csrf, login.register);
|
|
|
app.get('/register' , applicationInstalled, login.preLogin, login.register);
|
|
|
app.get('/logout' , applicationInstalled, logout.logout);
|
|
|
|
|
|
@@ -76,7 +76,7 @@ module.exports = function(crowi, app) {
|
|
|
if (!isInstalled) {
|
|
|
const installer = require('./installer')(crowi);
|
|
|
app.get('/installer' , applicationNotInstalled , installer.index);
|
|
|
- app.post('/installer' , applicationNotInstalled , registerFormValidator.registerRules(), registerFormValidator.registerValidation, csrf, installer.install);
|
|
|
+ app.post('/installer' , apiLimiter , applicationNotInstalled , registerFormValidator.registerRules(), registerFormValidator.registerValidation, csrf, installer.install);
|
|
|
return;
|
|
|
}
|
|
|
|
|
|
@@ -93,7 +93,7 @@ module.exports = function(crowi, app) {
|
|
|
app.get('/passport/oidc/callback' , loginPassport.loginPassportOidcCallback , loginPassport.loginFailure);
|
|
|
app.post('/passport/saml/callback' , loginPassport.loginPassportSamlCallback , loginPassport.loginFailure);
|
|
|
|
|
|
- app.post('/_api/login/testLdap' , loginRequiredStrictly , loginFormValidator.loginRules() , loginFormValidator.loginValidation , loginPassport.testLdapCredentials);
|
|
|
+ app.post('/_api/login/testLdap' , apiLimiter , loginRequiredStrictly , loginFormValidator.loginRules() , loginFormValidator.loginValidation , loginPassport.testLdapCredentials);
|
|
|
|
|
|
// security admin
|
|
|
app.get('/admin/security' , loginRequiredStrictly , adminRequired , admin.security.index);
|
LuqmanHakim-Grune