mirror of
https://github.com/MrUnknownDE/panel.git
synced 2026-04-09 18:03:44 +02:00
288ee1a258
Cleaned up the code a bit, also checks TOTP before attemping to verify user. This addresses the potential for an attacker to try at a password and/or confirm that the password is correct unless they have a valid TOTP code for the request. A failed TOTP response will trigger a throttle count on the login as well.
4.4 KiB
4.4 KiB