From 386272a61844ecb252c0da502ca7729ee6ccc398 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Tue, 21 Jun 2022 18:40:53 -0700
Subject: [PATCH] Manually add the additional routes so we can throttle them

Signed-off-by: snipe <snipe@snipe.net>
---
 routes/web.php | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/routes/web.php b/routes/web.php
index 63019632d..674dc0758 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -20,6 +20,8 @@ use App\Http\Controllers\StatuslabelsController;
 use App\Http\Controllers\SuppliersController;
 use App\Http\Controllers\ViewAssetsController;
 use App\Http\Controllers\Auth\LoginController;
+use App\Http\Controllers\Auth\ForgotPasswordController;
+use App\Http\Controllers\Auth\ResetPasswordController;
 use Illuminate\Support\Facades\Route;
 use Illuminate\Support\Facades\Auth;
 
@@ -424,7 +426,40 @@ Route::group(['middleware' => 'web'], function () {
     Route::post(
         'two-factor',
         [LoginController::class, 'postTwoFactorAuth']
-    );
+    )->middleware('throttle:'.config('auth.passwords.users.throttle.max_attempts').','.config('auth.passwords.users.throttle.lockout_duration'));
+
+
+
+    Route::post(
+        'password/email',
+        [ForgotPasswordController::class, 'sendResetLinkEmail']
+    )->name('password.email')->middleware('throttle:'.config('auth.passwords.users.throttle.max_attempts').','.config('auth.passwords.users.throttle.lockout_duration'));
+
+    Route::get(
+        'password/reset',
+        [ForgotPasswordController::class, 'showLinkRequestForm']
+    )->name('password.request');
+
+
+    Route::post(
+        'password/reset',
+        [ResetPasswordController::class, 'reset']
+    )->name('password.update')->middleware('throttle:'.config('auth.passwords.users.throttle.password_max_attempts').','.config('auth.passwords.users.throttle.password_lockout_duration'));
+
+    Route::get(
+        'password/reset/{token}',
+        [ResetPasswordController::class, 'showResetForm']
+    )->name('password.reset')->middleware('throttle:'.config('auth.passwords.users.throttle.password_max_attempts').','.config('auth.passwords.users.throttle.lockout_duration'));
+
+
+    Route::post(
+        'password/email',
+        [ResetPasswordController::class, 'showLinkRequestForm']
+    )->name('password.request')->middleware('throttle:'.config('auth.passwords.users.throttle.password_max_attempts').','.config('auth.passwords.users.throttle.password_lockout_duration'));
+
+
+
+
 
     Route::get(
         '/',
@@ -446,7 +481,7 @@ Route::group(['middleware' => 'web'], function () {
     )->name('logout');
 });
 
-Auth::routes();
+//Auth::routes();
 
 Route::get(
     '/health',