fix(auth): increase failed login attempt threshold from 5 to 15

2026-01-13 10:42:58 +03:00 · 2026-01-13 10:42:58 +03:00 · c5c17fdd9b
commit c5c17fdd9b
parent c389129ae7
1 changed files with 2 additions and 2 deletions
--- a/routes/auth.py
+++ b/routes/auth.py
@ -101,7 +101,7 @@ async def check_rate_limit(
    )
    failed_attempts = result.scalars().all()

-    if len(failed_attempts) >= 5:
+    if len(failed_attempts) >= 15:
        return False, "Trop de tentatives échouées. Réessayez dans 15 minutes."

    return True, ""
@ -286,7 +286,7 @@ async def login(
        if user:
            user.failed_login_attempts += 1

-            if user.failed_login_attempts >= 5:
+            if user.failed_login_attempts >= 15:
                user.locked_until = datetime.now() + timedelta(minutes=15)
                await session.commit()
                raise HTTPException(