From d3f25739f0dc4610211eb4ef318a7a7dc18877fd Mon Sep 17 00:00:00 2001 From: TLSM Date: Sun, 13 Nov 2022 07:24:58 -0500 Subject: [PATCH] Fix ratelimit_user on 3 routes, make proper dec. --- files/helpers/wrappers.py | 8 +++++++- files/routes/awards.py | 2 +- files/routes/settings.py | 2 +- files/routes/users.py | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/files/helpers/wrappers.py b/files/helpers/wrappers.py index 305e9414a..6817d2d90 100644 --- a/files/helpers/wrappers.py +++ b/files/helpers/wrappers.py @@ -151,4 +151,10 @@ def ratelimit_user(limit:Union[str, Callable[[], str]]=DEFAULT_RATELIMIT_USER): Ratelimits based on a user. This requires at least auth_required (or stronger) to be present, otherwise logged out users will receive 500s ''' - return limiter.limit(limit, key_func=lambda:f'{SITE}-{g.v.id}') + def inner(func): + @functools.wraps(func) + @limiter.limit(limit, key_func=lambda:f'{SITE}-{g.v.id}') + def wrapped(*args, **kwargs): + return func(*args, **kwargs) + return wrapped + return inner diff --git a/files/routes/awards.py b/files/routes/awards.py index aa7bd4f6b..6c3623f06 100644 --- a/files/routes/awards.py +++ b/files/routes/awards.py @@ -120,10 +120,10 @@ def buy(v, award): return {"message": f"{award_title} award bought!"} @app.post("/award//") +@feature_required('AWARDS') @limiter.limit(DEFAULT_RATELIMIT_SLOWER) @is_not_permabanned @ratelimit_user() -@feature_required('AWARDS') def award_thing(v, thing_type, id): if thing_type == 'post': thing = get_post(id) diff --git a/files/routes/settings.py b/files/routes/settings.py index 6fec6c447..bd65a8580 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -787,10 +787,10 @@ def settings_title_change(v): @app.post("/settings/pronouns_change") +@feature_required('PRONOUNS') @limiter.limit(DEFAULT_RATELIMIT_SLOWER) @auth_required @ratelimit_user() -@feature_required('PRONOUNS') def settings_pronouns_change(v): pronouns = sanitize_settings_text(request.values.get("pronouns")) diff --git a/files/routes/users.py b/files/routes/users.py index c07def4c8..c48986081 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -319,10 +319,10 @@ def transfer_coins(v, username): return transfer_currency(v, username, 'coins', True) @app.post("/@/transfer_bux") +@feature_required('PROCOINS') @limiter.limit(DEFAULT_RATELIMIT_SLOWER) @is_not_permabanned @ratelimit_user() -@feature_required('PROCOINS') def transfer_bux(v, username): return transfer_currency(v, username, 'procoins', False)