From d58726c8b30a5811123f14d38ec8d51918ae0def Mon Sep 17 00:00:00 2001
From: Joe <1264204425@qq.com>
Date: Mon, 23 Sep 2024 11:20:35 +0800
Subject: [PATCH] feat: add login limit error

---
 api/controllers/console/auth/error.py | 8 ++++++++
 api/controllers/console/auth/login.py | 3 ++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/api/controllers/console/auth/error.py b/api/controllers/console/auth/error.py
index d3e7a14506..4c102bda58 100644
--- a/api/controllers/console/auth/error.py
+++ b/api/controllers/console/auth/error.py
@@ -41,3 +41,11 @@ class EmailOrPasswordMismatchError(BaseHTTPException):
     error_code = "email_or_password_mismatch"
     description = "The email or password is mismatched."
     code = 400
+
+
+class EmailPasswordLoginLimitError(BaseHTTPException):
+    error_code = "email_code_login_limit"
+    description = (
+        "Too many incorrect password attempts. Please verify your identity with the email code to complete login."
+    )
+    code = 429
diff --git a/api/controllers/console/auth/login.py b/api/controllers/console/auth/login.py
index 9b19231f60..f574e7f998 100644
--- a/api/controllers/console/auth/login.py
+++ b/api/controllers/console/auth/login.py
@@ -11,6 +11,7 @@ from controllers.console import api
 from controllers.console.auth.error import (
     EmailCodeError,
     EmailOrPasswordMismatchError,
+    EmailPasswordLoginLimitError,
     InvalidEmailError,
     InvalidTokenError,
 )
@@ -38,7 +39,7 @@ class LoginApi(Resource):
 
         is_login_error_rate_limit = AccountService.is_login_error_rate_limit(args["email"])
         if is_login_error_rate_limit:
-            raise EmailOrPasswordMismatchError()
+            raise EmailPasswordLoginLimitError()
 
         try:
             account = AccountService.authenticate(args["email"], args["password"])