From e920ae88160cd00850dcf0e5e4d876e2afe8600a Mon Sep 17 00:00:00 2001
From: Eugene Blikh <bigbes@gmail.com>
Date: Sun, 26 Apr 2026 18:16:10 +0300
Subject: [PATCH] web: prune lethe_auth_failures log to the 5-min window on
 insert

---
 internal/server/web/dist/index.html | 2 +-
 web/src/routes/auth.callback.tsx    | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/internal/server/web/dist/index.html b/internal/server/web/dist/index.html
index 5c62577e34fb15ec388e2aefb2c1b0225c33deda..845a5c6c6a85828a601188371a9a83695d295492 100644
--- a/internal/server/web/dist/index.html
+++ b/internal/server/web/dist/index.html
@@ -13,7 +13,7 @@
       href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&family=JetBrains+Mono:wght@400;500;700&display=swap"
       rel="stylesheet"
     />
-    <script type="module" crossorigin src="/assets/index-DEdJhFGo.js"></script>
+    <script type="module" crossorigin src="/assets/index-Cjf6VAVm.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-D-7MmxJh.css">
   </head>
   <body class="density-compact">
diff --git a/web/src/routes/auth.callback.tsx b/web/src/routes/auth.callback.tsx
index 16a29c3558308566467f186224135188e020f496..5c7b4dcc05ac3f73c5ebdc6c4d8812925d292f8c 100644
--- a/web/src/routes/auth.callback.tsx
+++ b/web/src/routes/auth.callback.tsx
@@ -66,10 +66,14 @@ function CallbackRoute(): React.JSX.Element {
         } catch {
           log = []
         }
-        log.push(Date.now())
+        const now = Date.now()
+        // Prune entries outside the 5-minute window before appending so the
+        // array can't grow unbounded across many failed reloads.
+        log = log.filter(ts => ts > now - 300_000)
+        log.push(now)
         localStorage.setItem(FAILURES_KEY, JSON.stringify(log))
 
-        const { blocked: isBlocked } = countCallbackFailures(Date.now(), log)
+        const { blocked: isBlocked } = countCallbackFailures(now, log)
         return isBlocked
       }