From 9642615f529bc04171ab6823eaa8812971930571 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Tue, 28 Nov 2023 19:43:48 +0100
Subject: [PATCH] fix: Only throttle on invalid requests for public share links
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 .../Middleware/PublicShare/PublicShareMiddleware.php           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
index b39534ba0e80a..4a2cf51973ccd 100644
--- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
+++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
@@ -77,6 +77,8 @@ public function beforeController($controller, $methodName) {
 		$controller->setToken($token);
 
 		if (!$controller->isValidToken()) {
+			$this->throttle($bruteforceProtectionAction, $token);
+
 			$controller->shareNotFound();
 			throw new NotFoundException();
 		}
@@ -88,7 +90,6 @@ public function beforeController($controller, $methodName) {
 
 		// If authentication succeeds just continue
 		if ($controller->isAuthenticated()) {
-			$this->throttle($bruteforceProtectionAction, $token);
 			return;
 		}