fdsfds

2021-10-08 03:41:25 +02:00 · 2021-10-08 03:41:25 +02:00 · 28c5502d94
parent 82ff6c45a9
commit 28c5502d94
12 changed files with 93 additions and 93 deletions
--- a/files/mail/init.py
+++ b/files/mail/init.py
@ -41,7 +41,7 @@ def send_verification_email(user, email=None):


@app.post("/verify_email")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def api_verify_email(v):

--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@ -28,7 +28,7 @@ def truescore(v):


@app.post("/@<username>/revert_actions")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def revert_actions(v, username):
 	if 'pcm' in request.host or ('rdrama' in request.host and v.id in [1,12,28,29,747,995,1480]) or ('rdrama' not in request.host and 'pcm' not in request.host):
@ -52,7 +52,7 @@ def revert_actions(v, username):
 	return {"message": "Admin actions reverted!"}

@app.post("/@<username>/club_allow")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def club_allow(v, username):

@ -83,7 +83,7 @@ def club_allow(v, username):
 	return {"message": f"@{username} has been allowed into the country club!"}

@app.post("/@<username>/club_ban")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def club_ban(v, username):

@ -113,7 +113,7 @@ def club_ban(v, username):


@app.post("/@<username>/make_admin")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def make_admin(v, username):
 	if 'pcm' in request.host or ('rdrama' in request.host and v.id in [1,12,28,29,747,995,1480]) or ('rdrama' not in request.host and 'pcm' not in request.host):
@ -126,7 +126,7 @@ def make_admin(v, username):


@app.post("/@<username>/remove_admin")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def remove_admin(v, username):
 	if 'pcm' in request.host or ('rdrama' in request.host and v.id in [1,12,28,29,747,995,1480]) or ('rdrama' not in request.host and 'pcm' not in request.host):
@ -139,7 +139,7 @@ def remove_admin(v, username):


@app.post("/@<username>/make_fake_admin")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def make_fake_admin(v, username):
 	if 'pcm' in request.host or ('rdrama' in request.host and v.id in [1,12,28,29,747,995,1480]) or ('rdrama' not in request.host and 'pcm' not in request.host):
@ -152,7 +152,7 @@ def make_fake_admin(v, username):


@app.post("/@<username>/remove_fake_admin")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
 def remove_fake_admin(v, username):
 	if 'pcm' in request.host or ('rdrama' in request.host and v.id in [1,12,28,29,747,995,1480]) or ('rdrama' not in request.host and 'pcm' not in request.host):
@ -235,7 +235,7 @@ def get_rules(v):


@app.post('/admin/rules')
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def post_rules(v):
@ -372,7 +372,7 @@ def badge_grant_get(v):


@app.post("/admin/badge_grant")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(4)
@validate_formkey
 def badge_grant_post(v):
@ -601,7 +601,7 @@ def alt_votes_get(v):


@app.post("/admin/link_accounts")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(4)
@validate_formkey
 def admin_link_accounts(v):
@ -648,7 +648,7 @@ def admin_removed(v):


@app.post("/admin/image_ban")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(4)
@validate_formkey
 def admin_image_ban(v):
@ -757,7 +757,7 @@ def agendaposter(user_id, v):


@app.post("/shadowban/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def shadowban(user_id, v):
@ -783,7 +783,7 @@ def shadowban(user_id, v):


@app.post("/unshadowban/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def unshadowban(user_id, v):
@ -808,7 +808,7 @@ def unshadowban(user_id, v):
 	return {"message": "User unshadowbanned!"}

@app.post("/admin/verify/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def verify(user_id, v):
@ -819,7 +819,7 @@ def verify(user_id, v):
 	return {"message": "User verfied!"}

@app.post("/admin/unverify/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def unverify(user_id, v):
@ -831,7 +831,7 @@ def unverify(user_id, v):


@app.post("/admin/title_change/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def admin_title_change(user_id, v):
@ -865,7 +865,7 @@ def admin_title_change(user_id, v):
 	return redirect(user.url)

@app.post("/ban_user/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def ban_user(user_id, v):
@ -941,7 +941,7 @@ def ban_user(user_id, v):


@app.post("/unban_user/<user_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(6)
@validate_formkey
 def unban_user(user_id, v):
@ -979,7 +979,7 @@ def unban_user(user_id, v):


@app.post("/ban_post/<post_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(3)
@validate_formkey
 def ban_post(post_id, v):
@ -1023,7 +1023,7 @@ def ban_post(post_id, v):


@app.post("/unban_post/<post_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(3)
@validate_formkey
 def unban_post(post_id, v):
@ -1118,7 +1118,7 @@ def api_pin_post(post_id, v):
 		else: return {"message": "Post unpinned!"}

@app.post("/ban_comment/<c_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(1)
 def api_ban_comment(c_id, v):

@ -1142,7 +1142,7 @@ def api_ban_comment(c_id, v):


@app.post("/unban_comment/<c_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(1)
 def api_unban_comment(c_id, v):

@ -1208,7 +1208,7 @@ def admin_banned_domains(v):
 	return render_template("admin/banned_domains.html", v=v, banned_domains=banned_domains)

@app.post("/admin/banned_domains")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(4)
@validate_formkey
 def admin_toggle_ban_domain(v):
@ -1230,7 +1230,7 @@ def admin_toggle_ban_domain(v):


@app.post("/admin/nuke_user")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(4)
@validate_formkey
 def admin_nuke_user(v):
@ -1264,7 +1264,7 @@ def admin_nuke_user(v):


@app.post("/admin/unnuke_user")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(4)
@validate_formkey
 def admin_nunuke_user(v):
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@ -185,7 +185,7 @@ ALLOW_MULTIPLE = (
 )

@app.post("/post/<pid>/awards")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def award_post(pid, v):

@ -249,7 +249,7 @@ def award_post(pid, v):


@app.post("/comment/<cid>/awards")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def award_comment(cid, v):

@ -322,7 +322,7 @@ def admin_userawards_get(v):
 	return render_template("admin/user_award.html", awards=list(AWARDS.values()), v=v)

@app.post("/admin/user_award")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def admin_userawards_post(v):
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -120,7 +120,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None):


@app.post("/comment")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("6/minute")
@is_not_banned
@validate_formkey
@ -574,7 +574,7 @@ def api_comment(v):


@app.post("/edit_comment/<cid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def edit_comment(cid, v):
@ -771,7 +771,7 @@ def edit_comment(cid, v):


@app.post("/delete/comment/<cid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def delete_comment(cid, v):
@ -795,7 +795,7 @@ def delete_comment(cid, v):
 	return {"message": "Comment deleted!"}

@app.post("/undelete/comment/<cid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def undelete_comment(cid, v):
@ -850,7 +850,7 @@ def toggle_pin_comment(cid, v):
 	
 	
@app.post("/save_comment/<cid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def save_comment(cid, v):
@ -867,7 +867,7 @@ def save_comment(cid, v):
 	return {"message": "Comment saved!"}

@app.post("/unsave_comment/<cid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def unsave_comment(cid, v):
--- a/files/routes/errors.py
+++ b/files/routes/errors.py
@ -67,7 +67,7 @@ def error_500(e, v):


@app.post("/allow_nsfw")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
 def allow_nsfw():

 	session["over_18"] = int(time.time()) + 3600
--- a/files/routes/login.py
+++ b/files/routes/login.py
@ -78,7 +78,7 @@ def check_for_alts(current_id):


@app.post("/login")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("6/minute")
 def login_post():

@ -167,7 +167,7 @@ def me(v):


@app.post("/logout")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def logout(v):
@ -228,7 +228,7 @@ def sign_up_get(v):


@app.post("/signup")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("5/day")
@auth_desired
 def sign_up_post(v):
@ -380,7 +380,7 @@ def get_forgot():


@app.post("/forgot")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
 def post_forgot():

 	username = request.values.get("username").lstrip('@')
@ -450,7 +450,7 @@ def get_reset():


@app.post("/reset")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_desired
 def post_reset(v):
 	if v:
@ -503,7 +503,7 @@ def lost_2fa(v):
 		)

@app.post("/request_2fa_disable")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("6/minute")
 def request_2fa_disable():

--- a/files/routes/oauth.py
+++ b/files/routes/oauth.py
@ -17,7 +17,7 @@ def authorize_prompt(v):


@app.post("/authorize")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def authorize(v):
@ -40,7 +40,7 @@ def authorize(v):


@app.post("/api_keys")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@is_not_banned
 def request_api_keys(v):

@ -61,7 +61,7 @@ def request_api_keys(v):


@app.post("/delete_app/<aid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def delete_oauth_app(v, aid):
@ -80,7 +80,7 @@ def delete_oauth_app(v, aid):


@app.post("/edit_app/<aid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@is_not_banned
@validate_formkey
 def edit_oauth_app(v, aid):
@ -100,7 +100,7 @@ def edit_oauth_app(v, aid):


@app.post("/admin/app/approve/<aid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(3)
@validate_formkey
 def admin_app_approve(v, aid):
@ -128,7 +128,7 @@ def admin_app_approve(v, aid):


@app.post("/admin/app/revoke/<aid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(3)
@validate_formkey
 def admin_app_revoke(v, aid):
@ -147,7 +147,7 @@ def admin_app_revoke(v, aid):


@app.post("/admin/app/reject/<aid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@admin_level_required(3)
@validate_formkey
 def admin_app_reject(v, aid):
@ -230,7 +230,7 @@ def admin_apps_list(v):


@app.post("/oauth/reroll/<aid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def reroll_oauth_tokens(aid, v):

--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -50,7 +50,7 @@ def toggle_club(pid, v):


@app.post("/publish/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def publish(pid, v):
@ -189,7 +189,7 @@ def post_id(pid, anything=None, v=None):


@app.post("/edit_post/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def edit_post(pid, v):
@ -504,7 +504,7 @@ def thumbnail_thread(pid):


@app.post("/submit")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("6/minute")
@is_not_banned
@validate_formkey
@ -962,7 +962,7 @@ def submit_post(v):


@app.post("/delete_post/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def delete_post_pid(pid, v):
@ -984,7 +984,7 @@ def delete_post_pid(pid, v):
 	return {"message": "Post deleted!"}

@app.post("/undelete_post/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def undelete_post_pid(pid, v):
@ -1043,7 +1043,7 @@ def toggle_post_nsfw(pid, v):
 	else: return {"message": "Post has been unmarked as +18!"}

@app.post("/save_post/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def save_post(pid, v):
@ -1060,7 +1060,7 @@ def save_post(pid, v):
 	return {"message": "Post saved!"}

@app.post("/unsave_post/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def unsave_post(pid, v):
--- a/files/routes/reporting.py
+++ b/files/routes/reporting.py
@ -5,7 +5,7 @@ from files.__main__ import app, limiter
 from os import path

@app.post("/flag/post/<pid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_desired
 def api_flag_post(pid, v):

@ -37,7 +37,7 @@ def api_flag_post(pid, v):


@app.post("/flag/comment/<cid>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_desired
 def api_flag_comment(cid, v):

@ -68,7 +68,7 @@ def api_flag_comment(cid, v):


@app.post('/del_report/<report_fn>')
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def remove_report(report_fn, v):
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -31,7 +31,7 @@ tiers={
 	}

@app.post("/settings/removebackground")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def removebackground(v):
 	v.background = None
@ -40,7 +40,7 @@ def removebackground(v):
 	return {"message": "Background removed!"}

@app.post("/settings/profile")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_profile_post(v):
@ -264,7 +264,7 @@ def changelogsub(v):
 	else: return {"message": "You have unsubscribed from the changelog!"}

@app.post("/settings/namecolor")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def namecolor(v):
@ -277,7 +277,7 @@ def namecolor(v):
 	return redirect("/settings/profile")
 	
@app.post("/settings/themecolor")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def themecolor(v):
@ -290,7 +290,7 @@ def themecolor(v):
 	return redirect("/settings/profile")

@app.post("/settings/gumroad")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def gumroad(v):
@ -365,7 +365,7 @@ def gumroad(v):
 	return {"message": f"{patron} rewards claimed!"}

@app.post("/settings/titlecolor")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def titlecolor(v):
@ -379,7 +379,7 @@ def titlecolor(v):
 	return redirect("/settings/profile")

@app.post("/settings/security")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_security_post(v):
@ -483,7 +483,7 @@ def settings_security_post(v):
 						escape("Two-factor authentication disabled."))

@app.post("/settings/log_out_all_others")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_log_out_others(v):
@ -506,7 +506,7 @@ def settings_log_out_others(v):


@app.post("/settings/images/profile")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_images_profile(v):
@ -538,7 +538,7 @@ def settings_images_profile(v):


@app.post("/settings/images/banner")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_images_banner(v):
@ -561,7 +561,7 @@ def settings_images_banner(v):


@app.post("/settings/delete/profile")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_delete_profile(v):
@ -573,7 +573,7 @@ def settings_delete_profile(v):
 						   msg="Profile picture successfully removed.")

@app.post("/settings/delete/banner")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_delete_banner(v):
@ -599,7 +599,7 @@ def settings_css_get(v):
 	return render_template("settings_css.html", v=v)

@app.post("/settings/css")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def settings_css(v):
 	css = request.values.get("css").replace('\\', '')[:50000]
@ -621,7 +621,7 @@ def settings_profilecss_get(v):
 	return render_template("settings_profilecss.html", v=v)

@app.post("/settings/profilecss")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def settings_profilecss(v):
 	if v.coins < 1000 and not v.patron: return f"You must have +1000 {COINS_NAME} or be a patron to set profile css."
@ -633,7 +633,7 @@ def settings_profilecss(v):
 	return render_template("settings_profilecss.html", v=v)

@app.post("/settings/block")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_block_user(v):
@ -671,7 +671,7 @@ def settings_block_user(v):


@app.post("/settings/unblock")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_unblock_user(v):
@ -706,7 +706,7 @@ def settings_apps(v):


@app.post("/settings/remove_discord")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_remove_discord(v):
@ -727,7 +727,7 @@ def settings_content_get(v):
 	return render_template("settings_filters.html", v=v)

@app.post("/settings/name_change")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_name_change(v):
@ -774,7 +774,7 @@ def settings_name_change(v):
 	return redirect("/settings/profile")

@app.post("/settings/song_change")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_song_change(v):
@ -856,7 +856,7 @@ def settings_song_change(v):
 	return redirect("/settings/profile")

@app.post("/settings/title_change")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
@validate_formkey
 def settings_title_change(v):
--- a/files/routes/static.py
+++ b/files/routes/static.py
@ -222,7 +222,7 @@ def contact(v):
 	return render_template("contact.html", v=v)

@app.post("/contact")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def submit_contact(v):
 	message = f'This message has been sent automatically to all admins via https://{site}/contact, user email is "{v.email}"\n\nMessage:\n\n' + request.values.get("message", "")
@ -333,7 +333,7 @@ def settings_security(v):
 						   )

@app.post("/dismiss_mobile_tip")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
 def dismiss_mobile_tip():

 	session["tooltip_last_dismissed"]=int(time.time())
--- a/files/routes/users.py
+++ b/files/routes/users.py
@ -21,7 +21,7 @@ beams_client = PushNotifications(


@app.post("/pay_rent")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def pay_rent(v):
 	if v.coins < 500: return "You must have more than 500 coins."
@ -37,7 +37,7 @@ def pay_rent(v):


@app.post("/steal")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@is_not_banned
 def steal(v):
 	if int(time.time()) - v.created_utc < 604800:
@ -91,7 +91,7 @@ def thiefs(v):


@app.post("/@<username>/suicide")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def suicide(v, username):
 	t = int(time.time())
@ -113,7 +113,7 @@ def get_coins(v, username):
 	else: return {"error": "invalid_user"}, 404

@app.post("/@<username>/transfer_coins")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@is_not_banned
@validate_formkey
 def transfer_coins(v, username):
@ -202,7 +202,7 @@ def song(song):
 	return resp

@app.post("/subscribe/<post_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def subscribe(v, post_id):
 	new_sub = Subscription(user_id=v.id, submission_id=post_id)
@ -211,7 +211,7 @@ def subscribe(v, post_id):
 	return {"message": "Post subscribed!"}
 	
@app.post("/unsubscribe/<post_id>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def unsubscribe(v, post_id):
 	sub=g.db.query(Subscription).options(lazyload('*')).filter_by(user_id=v.id, submission_id=post_id).first()
@ -221,7 +221,7 @@ def unsubscribe(v, post_id):
 	return {"message": "Post unsubscribed!"}

@app.post("/@<username>/message")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("10/hour")
@auth_required
 def message2(v, username):
@ -284,7 +284,7 @@ def message2(v, username):


@app.post("/reply")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@limiter.limit("6/minute")
@auth_required
 def messagereply(v):
@ -616,7 +616,7 @@ def u_username_info(username, v=None):


@app.post("/follow/<username>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def follow_user(username, v):

@ -642,7 +642,7 @@ def follow_user(username, v):
 	return {"message": "User followed!"}

@app.post("/unfollow/<username>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def unfollow_user(username, v):

@ -669,7 +669,7 @@ def unfollow_user(username, v):
 	return {"message": "User unfollowed!"}

@app.post("/remove_follow/<username>")
-@limiter.limit("1/0.5seconds")
+@limiter.limit("1/second")
@auth_required
 def remove_follow(username, v):
 	target = get_user(username)