Fix Insufficient Granularity of Access Control

James Cole
2021-10-03 18:18:44 +02:00
parent e60444cf65
commit 0af2fd845d
2 changed files with 9 additions and 5 deletions


@@ -92,9 +92,12 @@ class ForgotPasswordController extends Controller
// We will send the password reset link to this user. Once we have attempted
// to send the link, we will examine the response then see the message we
// need to show to the user. Finally, we'll send out a proper response.
$this->broker()->sendResetLink($request->only('email'));
$result = $this->broker()->sendResetLink($request->only('email'));
if('passwords.throttled' === $result) {
Log::error(sprintf('Cowardly refuse to send a password reset message to user #%d because the reset button has been throttled.', $user->id));
}
// always send the same response:
// always send the same response to the user:
$response = trans('firefly.forgot_password_response');
return back()->with('status', trans($response));
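Review bot: The new `Log::error` call dereferences `$user->id`, but `$user` is assigned outside this hunk, so whether it can be null on this path cannot be confirmed from here. If the earlier lookup can return no user, the log line would raise a warning or error in the very branch meant to keep the response uniform, and that difference could itself reveal which addresses exist. Reading the id defensively, e.g. `$user->id ?? 0` as the sprintf argument, keeps the throttled path side-effect free. A throttled reset is also an expected rate-limit outcome rather than an application fault, so `Log::warning` may suit alerting better than `Log::error`. The enclosing method starts and ends outside the hunk.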