feat: add login limit error

2 years ago · d58726c8b3
parent 9223b0e6ae
commit d58726c8b3
2 changed files with 10 additions and 1 deletions
--- a/api/controllers/console/auth/error.py
+++ b/api/controllers/console/auth/error.py
@ -41,3 +41,11 @@ class EmailOrPasswordMismatchError(BaseHTTPException):
    error_code = "email_or_password_mismatch"
    description = "The email or password is mismatched."
    code = 400
+
+
+class EmailPasswordLoginLimitError(BaseHTTPException):
+    error_code = "email_code_login_limit"
+    description = (
+        "Too many incorrect password attempts. Please verify your identity with the email code to complete login."
+    )
+    code = 429
--- a/api/controllers/console/auth/login.py
+++ b/api/controllers/console/auth/login.py
@ -11,6 +11,7 @@ from controllers.console import api
 from controllers.console.auth.error import (
    EmailCodeError,
    EmailOrPasswordMismatchError,
+    EmailPasswordLoginLimitError,
    InvalidEmailError,
    InvalidTokenError,
 )
@ -38,7 +39,7 @@ class LoginApi(Resource):

        is_login_error_rate_limit = AccountService.is_login_error_rate_limit(args["email"])
        if is_login_error_rate_limit:
-            raise EmailOrPasswordMismatchError()
+            raise EmailPasswordLoginLimitError()

        try:
            account = AccountService.authenticate(args["email"], args["password"])