Add the 15 seconds to the window, instead of removing
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
02ea134152
commit
bb7787a157
|
@ -159,7 +159,7 @@ class SecurityMiddleware extends Middleware {
|
|||
|
||||
if ($this->reflector->hasAnnotation('PasswordConfirmationRequired')) {
|
||||
$lastConfirm = (int) $this->session->get('last-password-confirm');
|
||||
if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
|
||||
if ($lastConfirm < (time() - (30 * 60 + 15))) { // allow 15 seconds delay
|
||||
throw new NotConfirmedException();
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue