Update 'Login throttling' guide to match guides (#962)

lucia-auth · Aug 11, 2023 · 0b4f375 · 0b4f375
1 parent cb32a73
commit 0b4f375
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 22 deletions.
diff --git a/examples/other/login-throttling-device-cookie/src/index.ts b/examples/other/login-throttling-device-cookie/src/index.ts
@@ -6,7 +6,7 @@ import fs from "fs/promises";
 
 const app = new Hono();
 
-const usernameThrottling = new Map<
+const loginTimeout = new Map<
 	string,
 	{
 		timeoutUntil: number;
@@ -47,8 +47,8 @@ app.post("/", async (c) => {
 			maxAge: 0,
 			httpOnly: true
 		});
-		const storedThrottling = usernameThrottling.get(username) ?? null;
-		const timeoutUntil = storedThrottling?.timeoutUntil ?? 0;
+		const storedTimeout = loginTimeout.get(username) ?? null;
+		const timeoutUntil = storedTimeout?.timeoutUntil ?? 0;
 		if (Date.now() < timeoutUntil) {
 			return c.text(
 				`Too many requests - wait ${Math.floor(
@@ -57,20 +57,18 @@ app.post("/", async (c) => {
 				400
 			);
 		}
+		const timeoutSeconds = storedTimeout ? storedTimeout.timeoutSeconds * 2 : 1;
+		loginTimeout.set(username, {
+			timeoutUntil: Date.now() + timeoutSeconds * 1000,
+			timeoutSeconds
+		});
 		if (password === "invalid") {
-			const timeoutSeconds = storedThrottling
-				? storedThrottling.timeoutSeconds * 2
-				: 1;
-			usernameThrottling.set(username, {
-				timeoutUntil: Date.now() + timeoutSeconds * 1000,
-				timeoutSeconds
-			});
 			return c.json(
 				`Invalid credentials - timed out for ${timeoutSeconds} seconds`,
 				400
 			);
 		}
-		usernameThrottling.delete(username);
+		loginTimeout.delete(username);
 	} else {
 		if (password === "invalid") {
 			return c.json(`Invalid credentials`, 400);

diff --git a/examples/other/login-throttling/src/index.ts b/examples/other/login-throttling/src/index.ts
@@ -4,7 +4,7 @@ import fs from "fs/promises";
 
 const app = new Hono();
 
-const usernameThrottling = new Map<
+const loginTimeout = new Map<
 	string,
 	{
 		timeoutUntil: number;
@@ -25,8 +25,8 @@ app.post("/", async (c) => {
 	if (password !== "invalid" && password !== "valid") {
 		return c.text("Invalid request body", 400);
 	}
-	const storedThrottling = usernameThrottling.get(username);
-	const timeoutUntil = storedThrottling?.timeoutUntil ?? 0;
+	const storedTimeout = loginTimeout.get(username);
+	const timeoutUntil = storedTimeout?.timeoutUntil ?? 0;
 	if (Date.now() < timeoutUntil) {
 		return c.text(
 			`Too many requests - wait ${Math.floor(
@@ -35,20 +35,18 @@ app.post("/", async (c) => {
 			400
 		);
 	}
+	const timeoutSeconds = storedTimeout ? storedTimeout.timeoutSeconds * 2 : 1;
+	loginTimeout.set(username, {
+		timeoutUntil: Date.now() + timeoutSeconds * 1000,
+		timeoutSeconds
+	});
 	if (password === "invalid") {
-		const timeoutSeconds = storedThrottling
-			? storedThrottling.timeoutSeconds * 2
-			: 1;
-		usernameThrottling.set(username, {
-			timeoutUntil: Date.now() + timeoutSeconds * 1000,
-			timeoutSeconds
-		});
 		return c.json(
 			`Invalid credentials - timed out for ${timeoutSeconds} seconds`,
 			400
 		);
 	}
-	usernameThrottling.delete(username);
+	loginTimeout.delete(username);
 	return c.text("Success - throttling reset");
 });