From 4a99b7b62a3e33256a25cc12f73776064693a309 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Sun, 4 Jun 2023 08:28:16 -0700
Subject: [PATCH] wiki: try and re-enable passwordattemptthrottle

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/mediawiki/templates/LocalSettings.php.fp.j2 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/mediawiki/templates/LocalSettings.php.fp.j2 b/roles/mediawiki/templates/LocalSettings.php.fp.j2
index 5245e26c53..0ff1a3403b 100644
--- a/roles/mediawiki/templates/LocalSettings.php.fp.j2
+++ b/roles/mediawiki/templates/LocalSettings.php.fp.j2
@@ -644,6 +644,10 @@ $_SERVER['HTTP_HOST'] = 'fedoraproject.org';
 $_SERVER['REQUEST_SCHEME'] = 'https';
 $_SERVER['SERVER_PORT'] = 443;
 
+# do not bother to throttle login attempts
+# users MUST have a valid OIDC token so brute force will get them nowhere.
+$wgPasswordAttemptThrottle = false;
+
 # Looks like mediawiki is using undefined constants.... Let's shut that up
 error_reporting(E_ALL ^ E_NOTICE);