From f3304497e5fb87d1f3f77a3824f59224017d58a9 Mon Sep 17 00:00:00 2001
From: Adi <aditya@netroy.in>
Date: Thu, 8 Aug 2024 14:34:31 +0200
Subject: [PATCH] fix(core): Rate limit MFA verification endpoint

---
 packages/cli/src/controllers/mfa.controller.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/cli/src/controllers/mfa.controller.ts b/packages/cli/src/controllers/mfa.controller.ts
index 3c58b944d57d0..4d3c6c0d9f50c 100644
--- a/packages/cli/src/controllers/mfa.controller.ts
+++ b/packages/cli/src/controllers/mfa.controller.ts
@@ -47,7 +47,7 @@ export class MFAController {
 		};
 	}
 
-	@Post('/enable')
+	@Post('/enable', { rateLimit: true })
 	async activateMFA(req: MFA.Activate) {
 		const { token = null } = req.body;
 		const { id, mfaEnabled } = req.user;
@@ -78,7 +78,7 @@ export class MFAController {
 		await this.mfaService.disableMfa(id);
 	}
 
-	@Post('/verify')
+	@Post('/verify', { rateLimit: true })
 	async verifyMFA(req: MFA.Verify) {
 		const { id } = req.user;
 		const { token } = req.body;