From 9d4ced58b93f1828468e033d86c4b80e2be72dcc Mon Sep 17 00:00:00 2001 From: White Date: Thu, 2 Feb 2017 00:23:12 +1030 Subject: [PATCH] Remove an oversight relating to REST token management --- TShockAPI/Rest/SecureRest.cs | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/TShockAPI/Rest/SecureRest.cs b/TShockAPI/Rest/SecureRest.cs index deadc0a1..0868407f 100644 --- a/TShockAPI/Rest/SecureRest.cs +++ b/TShockAPI/Rest/SecureRest.cs @@ -43,7 +43,7 @@ namespace Rests public Dictionary AppTokens { get; protected set; } private RNGCryptoServiceProvider _rng = new RNGCryptoServiceProvider(); - + public SecureRest(IPAddress ip, int port) : base(ip, port) { @@ -128,8 +128,7 @@ namespace Rests } else { - if (!TShock.Config.RESTLimitOnlyFailedLoginRequests) - tokenBucket.Add(context.RemoteEndPoint.Address.ToString(), 1); // First time request, set to one and process request + tokenBucket.Add(context.RemoteEndPoint.Address.ToString(), 1); // First time request, set to one and process request } User userAccount = TShock.Users.GetUserByName(username); @@ -152,7 +151,7 @@ namespace Rests return new RestObject("403") { Error = "Username or password may be incorrect or this account may not have sufficient privileges." }; } - + string tokenHash; var randbytes = new byte[32]; do