Last modified: 2014-05-11 09:25:46 UTC
When an OATH token is used, it should be cached temporarily so that if an attacker attempts to use the same token within the brief time period it is still valid, it will fail.
Change 132783 had a related patch set uploaded by Parent5446: Cache OATH tokens to avoid replay https://gerrit.wikimedia.org/r/132783