You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
it sends user and password + csrf token; for an unknown reason, we never put in the recaptcha - which is present in the registration; we should add it, that requires changes in the class referenced above + change in bbb
Are we sure about this? It is not common to have captchas to login and it is very annoying when for some non-obvious reason (e.g., you are behind a proxy and there are too many requests) suddenly you have to find cars on an image (or similar tests), wouldn't the current rate limit be enough?
i find the "i'm not a robot" captcha (so called 'no captcha recaptcha) to
be very simple, it only requires a click - i don't know how google decides
to present a challenge, but i think it is not as simple as just too many
reqs; and when i tried to script the login i was consistently being failed
on a captcha - as a user, i get to see it very rarely
but i searched what internet thinks and i might be indeed over-zealous:
https://security.stackexchange.com/questions/93912/is-it-helpful-to-have-a-captcha-on-a-login-screen
On Fri, Mar 16, 2018 at 7:45 PM, Sergi Blanco-Cuaresma < ***@***.***> wrote:
Are we sure about this? It is not common to have captchas to login and it
is very annoying when for some non-obvious reason (e.g., you are behind a
proxy and there are too many requests) suddenly you have to find cars on an
image (or similar tests), wouldn't the current rate limit be enough?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#142 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAZIklJLdJ7l2jv5dlDxaya8c9hcv_hoks5tfE6wgaJpZM4Ssk9S>
.
bbb contacts api/accounts/user
https://github.com/adsabs/adsws/blob/master/adsws/accounts/views.py#L377
it sends user and password + csrf token; for an unknown reason, we never put in the recaptcha - which is present in the registration; we should add it, that requires changes in the class referenced above + change in bbb
https://github.com/adsabs/adsws/blob/master/adsws/accounts/views.py#L499
and corresponding change in bbb, probably here:
https://github.com/adsabs/bumblebee/blob/master/src/js/widgets/authentication/widget.js
The text was updated successfully, but these errors were encountered: