From c4263c9439c3e3a08ff5e0215ab2756052df283d Mon Sep 17 00:00:00 2001 From: Aevann Date: Sun, 2 Apr 2023 10:04:32 +0200 Subject: [PATCH] fix prev commit --- files/routes/login.py | 5 ----- files/routes/posts.py | 4 +++- files/routes/static.py | 1 - files/routes/users.py | 1 - 4 files changed, 3 insertions(+), 8 deletions(-) diff --git a/files/routes/login.py b/files/routes/login.py index 9833dbdc4..18117cd4c 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -40,7 +40,6 @@ def login_deduct_when(resp): @app.post("/login") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit(DEFAULT_RATELIMIT) @auth_desired @limiter.limit("6/minute;10/day", deduct_when=login_deduct_when) @@ -202,7 +201,6 @@ def sign_up_get(v:Optional[User]): @app.post("/signup") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit("10/day") @auth_desired def sign_up_post(v:Optional[User]): @@ -377,7 +375,6 @@ def get_forgot(): @app.post("/forgot") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit(DEFAULT_RATELIMIT) def post_forgot(): @@ -444,7 +441,6 @@ def get_reset(): @app.post("/reset") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit(DEFAULT_RATELIMIT) @auth_desired def post_reset(v:Optional[User]): @@ -492,7 +488,6 @@ def lost_2fa(v:Optional[User]): @app.post("/lost_2fa") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit("6/minute;200/hour;1000/day") def lost_2fa_post(): username=request.values.get("username") diff --git a/files/routes/posts.py b/files/routes/posts.py index 7fa2f4de6..8fa892986 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -386,7 +386,9 @@ def thumbnail_thread(pid:int, vid:int): @limiter.limit('1/second', scope=rpath) @limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit(DEFAULT_RATELIMIT) -def is_repost(): +@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID) +@auth_required +def is_repost(v): not_a_repost = {'permalink': ''} if not FEATURES['REPOST_DETECTION']: return not_a_repost diff --git a/files/routes/static.py b/files/routes/static.py index 1f084efac..9886b2bbc 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -353,7 +353,6 @@ def mobile_app(v:Optional[User]): @app.post("/dismiss_mobile_tip") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit(DEFAULT_RATELIMIT) def dismiss_mobile_tip(): session["tooltip_last_dismissed"] = int(time.time()) diff --git a/files/routes/users.py b/files/routes/users.py index 8885b4007..21cad8f13 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -1403,7 +1403,6 @@ if KOFI_TOKEN: @app.post("/gumroad") @limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) @limiter.limit(DEFAULT_RATELIMIT) def gumroad(): data = request.values