From d01d6e183ad87ef63274ac5e1ca9cb6ea0a84e58 Mon Sep 17 00:00:00 2001 From: Aevann Date: Fri, 27 Jan 2023 11:53:04 +0200 Subject: [PATCH] change endpoint path to be the same as GET version --- files/routes/login.py | 6 +++--- files/templates/login/lost_2fa.html | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/files/routes/login.py b/files/routes/login.py index 7b7bff83e..df50acbb8 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -18,7 +18,7 @@ from files.routes.routehelpers import check_for_alts from files.routes.wrappers import * -NO_LOGIN_REDIRECT_URLS = ("/login", "/logout", "/signup", "/forgot", "/reset", "/reset_2fa", "/request_2fa_disable") +NO_LOGIN_REDIRECT_URLS = ("/login", "/logout", "/signup", "/forgot", "/reset", "/reset_2fa", "/lost_2fa") @app.get("/login") @auth_desired @@ -473,9 +473,9 @@ def lost_2fa(v:Optional[User]): if v and not v.mfa_secret: abort(400, "You don't have 2FA enabled") return render_template("login/lost_2fa.html", v=v) -@app.post("/request_2fa_disable") +@app.post("/lost_2fa") @limiter.limit("1/second;6/minute;200/hour;1000/day") -def request_2fa_disable(): +def lost_2fa_post(): username=request.values.get("username") user=get_user(username, graceful=True) if not user or not user.email or not user.mfa_secret: diff --git a/files/templates/login/lost_2fa.html b/files/templates/login/lost_2fa.html index 352bae374..a54d8b857 100644 --- a/files/templates/login/lost_2fa.html +++ b/files/templates/login/lost_2fa.html @@ -4,7 +4,7 @@ {% block authtext %}If all information is correct, you will be able to remove 2-factor authentication from your account in 24 hours.{% endblock %} {% block content %}
-
+