fix: increase max login attempts and improve two-factor token error response

2026-06-20 13:00:39 +00:00 · 2026-02-20 18:53:10 +08:00
parent 622a4ec506
commit 177d34ba54
2 changed files with 2 additions and 2 deletions
@@ -22,7 +22,7 @@
  rateLimit: {
    // Max failed login attempts before temporary lock.
    // 触发临时锁定前允许的最大登录失败次数。
-    loginMaxAttempts: 5,
+    loginMaxAttempts: 10,
    // Login lock duration in minutes.
    // 登录锁定时长（分钟）。
    loginLockoutMinutes: 2,
@@ -145,7 +145,7 @@ export async function handleToken(request: Request, env: Env): Promise<Response>
              429
            );
          }
-          return twoFactorRequiredResponse();
+          return identityErrorResponse('Invalid two-factor token', 'invalid_grant', 400);
        }
      }