Skip to content

Commit 2c548fb

Browse files
dschomdschom
committed
bug(auth): The rule for verifySessionCode should have been conducted on uid
1 parent 4fe4611 commit 2c548fb

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

packages/fxa-auth-server/config/rate-limit-rules.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@
6868
verifyRecoveryCode : ip : 10 : 10 minutes : 30 minutes
6969
verifyRecoveryCode : email : 10 : 15 minutes : 15 minutes
7070
verifySessionCode : ip : 10 : 10 minutes : 30 minutes
71-
verifySessionCode : email : 10 : 15 minutes : 15 minutes
71+
verifySessionCode : uid : 10 : 15 minutes : 15 minutes
7272

7373
# Verify TOTP Code Limits
7474
verifyTotpCode : uid : 10 : 30 seconds : 15 minutes

0 commit comments

Comments
 (0)