vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix: restrict send_login_link to POST method only

Browse source
This commit is contained in:
Sagar Vora 2025-11-21 18:11:50 +05:30
parent 35077703a0
commit 2c774a75a2
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frappe/www/login.py
View file

@ -140,7 +140,7 @@ def get_login_with_email_link_ratelimit() -> int:
return frappe.get_system_settings("rate_limit_email_link_login") or 5
@frappe.whitelist(allow_guest=True)
@frappe.whitelist(allow_guest=True, methods=["POST"])
@rate_limit(limit=get_login_with_email_link_ratelimit, seconds=60 * 60)
def send_login_link(email: str):
if not frappe.get_system_settings("login_with_email_link"):