mirror of
				https://github.com/pelican-dev/panel.git
				synced 2025-10-25 20:16:51 +02:00 
			
		
		
		
	 288ee1a258
			
		
	
	
		288ee1a258
		
	
	
	
	
		
			
			Cleaned up the code a bit, also checks TOTP before attemping to verify user. This addresses the potential for an attacker to try at a password and/or confirm that the password is correct unless they have a valid TOTP code for the request. A failed TOTP response will trigger a throttle count on the login as well.
		
			
				
	
	
		
			27 lines
		
	
	
		
			1.0 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			27 lines
		
	
	
		
			1.0 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| return [
 | |
| 
 | |
|     /*
 | |
|     |--------------------------------------------------------------------------
 | |
|     | Authentication Language Lines
 | |
|     |--------------------------------------------------------------------------
 | |
|     |
 | |
|     | The following language lines are used during authentication for various
 | |
|     | messages that we need to display to the user. You are free to modify
 | |
|     | these language lines according to your application's requirements.
 | |
|     |
 | |
|     */
 | |
| 
 | |
|     'failed' => 'These credentials do not match our records.',
 | |
|     'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
 | |
|     'errorencountered' => 'There was an error encountered while attempting to process this request.',
 | |
|     'resetpassword' => 'Reset Password',
 | |
|     'confirmpassword' => 'Confirm Password',
 | |
|     'sendlink' => 'Send Password Reset Link',
 | |
|     'emailsent' => 'Your password reset email is on its way.',
 | |
|     'remeberme' => 'Remeber Me',
 | |
|     'totp_failed' => 'The TOTP token provided was invalid. Please ensure that the token generated by your device was valid.'
 | |
| 
 | |
| ];
 |