From b5147c13ca99fad0223b67c50fc29b042e1d6f93 Mon Sep 17 00:00:00 2001
From: Jack Foltz
Date: Wed, 2 Jan 2019 17:18:07 -0500
Subject: [PATCH] Fix rate limit error and remove log

---
 app/routes/api/auth.js | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/app/routes/api/auth.js b/app/routes/api/auth.js
index 4415935..e072fa7 100644
--- a/app/routes/api/auth.js
+++ b/app/routes/api/auth.js
@@ -37,7 +37,7 @@ const registerParams = [
 {name: 'invite', type: 'string'}];

 router.post('/register',
- rateLimit(config.get('RateLimit.register.window'), config.get('RateLimit.register.max'), true),
+ rateLimit(config.get('RateLimit.register.window'), config.get('RateLimit.register.max')),
 verifyBody(registerParams),
 async (req, res) => {
 const username = canonicalize(req.body.displayname);
@@ -81,18 +81,15 @@ const loginParams = [
 {name: 'password', type: 'string'}];

 router.post('/login',
- rateLimit(config.get('RateLimit.login.window'), config.get('RateLimit.login.max'), true),
+ rateLimit(config.get('RateLimit.login.window'), config.get('RateLimit.login.max')),
 verifyBody(loginParams),
 async (req, res, next) => {
 req.body.username = canonicalize(req.body.displayname);

 // Authenticate
 const user = await passportAuthenticate(req, res, next);
- if (!user) {
- // Log failure
- await fs.appendFile('auth.log', `${new Date().toISOString()} login ${req.ip}\n`);
+ if (!user)
 return res.status(401).json({'message': 'Unauthorized.'});
- }

 // Create session
 await passportLogin(user, req);
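Review bot: The third argument dropped from `rateLimit(...)` on `/register` (and again on `/login` in the next hunk) is not explained by the commit message or by a comment, and what it controlled is not visible from these lines. These two limiters are the throttle on account creation and password guessing, so a one-line comment above each call would help the next reader, for example `// rateLimit(window, max): third option omitted on purpose, limiter default applies`. A test that exceeds `RateLimit.login.max` and checks that the request is rejected would pin the behaviour this fix is meant to restore.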
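Review bot: Failed logins are no longer recorded anywhere in this handler: the `if (!user)` branch now only returns the 401, so the timestamp and `req.ip` that the removed `fs.appendFile('auth.log', …)` call captured are lost, and with them the signal used to spot password guessing. Unless `passportAuthenticate` or `rateLimit` already logs rejections (not visible in this hunk), keep an audit event here through the application's logger instead of a per-request file append, for example `if (!user) { logger.warn('login failed', {ip: req.ip}); return res.status(401).json({'message': 'Unauthorized.'}); }`, where `logger` is a placeholder for whatever logging facility the project uses. Keeping the braces also avoids the brace-less two-line `if`, which is easy to break when a second statement is added later. The handler body continues past the end of the hunk.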