From d306757ffb52c964f67fe8d203df61fc8a102603 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Thu, 7 Jul 2022 09:35:14 +0200
Subject: [PATCH] Only ignore attempts of the same action

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 lib/private/Security/Bruteforce/Throttler.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php
index c47d102b8819d..e37746eb6a2d0 100644
--- a/lib/private/Security/Bruteforce/Throttler.php
+++ b/lib/private/Security/Bruteforce/Throttler.php
@@ -65,8 +65,8 @@ class Throttler {
 	private LoggerInterface $logger;
 	/** @var IConfig */
 	private $config;
-	/** @var bool */
-	private $hasAttemptsDeleted = false;
+	/** @var bool[] */
+	private $hasAttemptsDeleted = [];
 
 	public function __construct(IDBConnection $db,
 								ITimeFactory $timeFactory,
@@ -225,7 +225,7 @@ public function getAttempts(string $ip, string $action = '', float $maxAgeHours
 			$maxAgeHours = 48;
 		}
 
-		if ($ip === '' || $this->hasAttemptsDeleted) {
+		if ($ip === '' || isset($this->hasAttemptsDeleted[$action])) {
 			return 0;
 		}
 
@@ -303,7 +303,7 @@ public function resetDelay(string $ip, string $action, array $metadata): void {
 
 		$qb->executeStatement();
 
-		$this->hasAttemptsDeleted = true;
+		$this->hasAttemptsDeleted[$action] = true;
 	}
 
 	/**