Adding a captcha rate limit. Fixes #1755 (#1941)

[lemmy.git] / src / api_routes.rs

diff --git a/src/api_routes.rs b/src/api_routes.rs
index 9f06c5bef6f8665159afc57dd5941fb94886c4ec..ae5fa40c18b12c4916b79bf9f8adb46f7bc440ef 100644 (file)
--- a/src/api_routes.rs
+++ b/src/api_routes.rs
@@ -161,6 +161,12 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
           .wrap(rate_limit.register())
           .route(web::post().to(route_post_crud::<Register>)),
       )
+      .service(
+        // Handle captcha separately
+        web::resource("/user/get_captcha")
+          .wrap(rate_limit.post())
+          .route(web::get().to(route_get::<GetCaptcha>)),
+      )
       // User actions
       .service(
         web::scope("/user")
@@ -178,7 +184,6 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
           .route("/block", web::post().to(route_post::<BlockPerson>))
           // Account actions. I don't like that they're in /user maybe /accounts
           .route("/login", web::post().to(route_post::<Login>))
-          .route("/get_captcha", web::get().to(route_get::<GetCaptcha>))
           .route(
             "/delete_account",
             web::post().to(route_post_crud::<DeleteAccount>),