Internal: Create automated tests for reset password requests #2727
Labels
for-superday
Tolgee SuperDay is a step part hiring process when candidate work on real task
Comments
StaNov
added
the
for-superday
|
Hello sir, I can confirm that the reset password requests were implemented properly and Rate Limit is rightfully Implemented. |
|
I believe the |
|
@JanCizmar , Sir, here it was implemented but in my recent report(as you asked me to report individually in Github) I showed you that other end points for api - like "generate-token" is not rate limited and gives a Jwt token that leads to account takeover and IDOR. Please check it out. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In #2724, limiting reset password requests were implemented without tests.
Add tests covering the code added.
Marking as
for-superdaysince it looks like a good task where no domain knowledge is needed.The text was updated successfully, but these errors were encountered: