merge: release 2025.4.2 (!1051)

View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/1051

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev>
Approved-by: Julia <julia@insertdomain.name>

1 files changed, 5 insertions, 4 deletions

diff --git a/packages/backend/src/server/api/SigninApiService.ts b/packages/backend/src/server/api/SigninApiService.ts
index 72712bce60..7f371ea309 100644
--- a/packages/backend/src/server/api/SigninApiService.ts
+++ b/packages/backend/src/server/api/SigninApiService.ts
@@ -35,7 +35,8 @@ import type { FastifyReply, FastifyRequest } from 'fastify';
 // Up to 10 attempts, then 1 per minute
 const signinRateLimit: Keyed<RateLimit> = {
 	key: 'signin',
-	max: 10,
+	type: 'bucket',
+	size: 10,
 	dripRate: 1000 * 60,
 };
 
@@ -146,7 +147,7 @@ export class SigninApiService {
 
 		if (isSystemAccount(user)) {
 			return error(403, {
-				id: 's8dhsj9s-a93j-493j-ja9k-kas9sj20aml2',
+				id: 'ba4ba3bc-ef1e-4c74-ad88-1d2b7d69a100',
 			});
 		}
 
@@ -243,7 +244,7 @@ export class SigninApiService {
 				if (profile.password!.startsWith('$2')) {
 					const newHash = await argon2.hash(password);
 					this.userProfilesRepository.update(user.id, {
-						password: newHash
+						password: newHash,
 					});
 				}
 				if (!this.meta.approvalRequiredForSignup && !user.approved) this.usersRepository.update(user.id, { approved: true });
@@ -267,7 +268,7 @@ export class SigninApiService {
 				if (profile.password!.startsWith('$2')) {
 					const newHash = await argon2.hash(password);
 					this.userProfilesRepository.update(user.id, {
-						password: newHash
+						password: newHash,
 					});
 				}
 				await this.userAuthService.twoFactorAuthenticate(profile, token);