fix(controllers): Migrate to BruteForceProtection attribute

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2023-04-24 12:54:48 +0200
committer: Joas Schilling <coding@schilljs.com> 2023-04-24 12:54:48 +0200
commit: a51ebee5a24619c15981a0b6abd08f790ad659df (patch)
tree: 004872b187318949445258b7446e27a6decebc32 /lib/Controller/PageController.php
parent: 5625c65c9ea3b053f1d943046a1f75e401526af2 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php
index c4a3f0d50..1efe8c198 100644
--- a/lib/Controller/PageController.php
+++ b/lib/Controller/PageController.php
@@ -40,6 +40,7 @@ use OCA\Viewer\Event\LoadViewer;
 use OCP\App\IAppManager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\BruteForceProtection;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\ContentSecurityPolicy;
 use OCP\AppFramework\Http\NotFoundResponse;
@@ -127,13 +128,13 @@ class PageController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
-	 * @BruteForceProtection(action=talkRoomToken)
 	 *
 	 * @param string $token
 	 * @return Response
 	 * @throws HintException
 	 */
 	#[UseSession]
+	#[BruteForceProtection(action: 'talkRoomToken')]
 	public function showCall(string $token): Response {
 		// This is the entry point from the `/call/{token}` URL which is hardcoded in the server.
 		return $this->index($token);
@@ -142,7 +143,6 @@ class PageController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
-	 * @BruteForceProtection(action=talkRoomPassword)
 	 *
 	 * @param string $token
 	 * @param string $password
@@ -150,6 +150,7 @@ class PageController extends Controller {
 	 * @throws HintException
 	 */
 	#[UseSession]
+	#[BruteForceProtection(action: 'talkRoomPassword')]
 	public function authenticatePassword(string $token, string $password = ''): Response {
 		// This is the entry point from the `/call/{token}` URL which is hardcoded in the server.
 		return $this->index($token, '', $password);
@@ -178,7 +179,6 @@ class PageController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
-	 * @BruteForceProtection(action=talkRoomToken)
 	 *
 	 * @param string $token
 	 * @param string $callUser
@@ -186,6 +186,7 @@ class PageController extends Controller {
 	 * @return TemplateResponse|RedirectResponse
 	 * @throws HintException
 	 */
+	#[BruteForceProtection(action: 'talkRoomToken')]
 	#[UseSession]
 	public function index(string $token = '', string $callUser = '', string $password = ''): Response {
 		$bruteForceToken = $token;
@@ -309,11 +310,11 @@ class PageController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
-	 * @BruteForceProtection(action=talkRoomToken)
 	 *
 	 * @param string $token
 	 * @return TemplateResponse|NotFoundResponse
 	 */
+	#[BruteForceProtection(action: 'talkRoomToken')]
 	public function recording(string $token): Response {
 		try {
 			$room = $this->manager->getRoomByToken($token);
author	Joas Schilling <coding@schilljs.com>	2023-04-24 12:54:48 +0200
committer	Joas Schilling <coding@schilljs.com>	2023-04-24 12:54:48 +0200
commit	a51ebee5a24619c15981a0b6abd08f790ad659df (patch)
tree	004872b187318949445258b7446e27a6decebc32 /lib/Controller/PageController.php
parent	5625c65c9ea3b053f1d943046a1f75e401526af2 (diff)