fix errors
parent
7dd2879328
commit
82a73392a9
|
@ -76,7 +76,7 @@ def edit_rules_get(v):
|
|||
|
||||
|
||||
@app.post('/admin/edit_rules')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("30/minute;200/hour;1000/day")
|
||||
@limiter.limit("30/minute;200/hour;1000/day", key_func=get_ID)
|
||||
@admin_level_required(PERMS['EDIT_RULES'])
|
||||
|
@ -95,7 +95,7 @@ def edit_rules_post(v):
|
|||
return render_template('admin/edit_rules.html', v=v, rules=rules, msg='Rules edited successfully!')
|
||||
|
||||
@app.post("/@<username>/make_admin")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['ADMIN_ADD'])
|
||||
|
@ -118,7 +118,7 @@ def make_admin(v:User, username):
|
|||
|
||||
|
||||
@app.post("/@<username>/remove_admin")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['ADMIN_REMOVE'])
|
||||
|
@ -147,7 +147,7 @@ def remove_admin(v:User, username):
|
|||
return {"message": f"@{user.username} has been removed as admin!"}
|
||||
|
||||
@app.post("/distribute/<int:option_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_BETS_DISTRIBUTE'])
|
||||
|
@ -206,7 +206,7 @@ def distribute(v:User, option_id):
|
|||
return {"message": f"Each winner has received {coinsperperson} coins!"}
|
||||
|
||||
@app.post("/@<username>/revert_actions")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['ADMIN_ACTIONS_REVERT'])
|
||||
|
@ -356,7 +356,7 @@ def admin_home(v):
|
|||
return render_template("admin/admin_home.html", v=v)
|
||||
|
||||
@app.post("/admin/site_settings/<setting>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['SITE_SETTINGS'])
|
||||
|
@ -385,7 +385,7 @@ def change_settings(v:User, setting):
|
|||
return {'message': f"{setting.replace('_', ' ').title()} {word}d successfully!"}
|
||||
|
||||
@app.post("/admin/clear_cloudflare_cache")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
|
||||
|
@ -423,7 +423,7 @@ def badge_grant_get(v):
|
|||
|
||||
@app.post("/admin/badge_grant")
|
||||
@feature_required('BADGES')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BADGES'])
|
||||
|
@ -485,7 +485,7 @@ def badge_grant_post(v):
|
|||
|
||||
@app.post("/admin/badge_remove")
|
||||
@feature_required('BADGES')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BADGES'])
|
||||
|
@ -637,7 +637,7 @@ def admin_view_alts(v:User, username=None):
|
|||
return render_template('admin/alts.html', v=v, u=u, alts=u.alts if u else None)
|
||||
|
||||
@app.post('/@<username>/alts/')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_LINK'])
|
||||
|
@ -673,7 +673,7 @@ def admin_add_alt(v:User, username):
|
|||
return {"message": f"Linked @{user1.username} and @{user2.username} successfully!"}
|
||||
|
||||
@app.post('/@<username>/alts/<int:other>/deleted')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_LINK'])
|
||||
|
@ -740,7 +740,7 @@ def admin_removed_comments(v):
|
|||
)
|
||||
|
||||
@app.post("/unagendaposter/<id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_AGENDAPOSTER'])
|
||||
|
@ -781,7 +781,7 @@ def unagendaposter(id, v):
|
|||
|
||||
|
||||
@app.post("/shadowban/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_SHADOWBAN'])
|
||||
|
@ -817,7 +817,7 @@ def shadowban(user_id, v):
|
|||
return {"message": f"@{user.username} has been shadowbanned!"}
|
||||
|
||||
@app.post("/unshadowban/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_SHADOWBAN'])
|
||||
|
@ -845,7 +845,7 @@ def unshadowban(user_id, v):
|
|||
|
||||
|
||||
@app.post("/admin/title_change/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_TITLE_CHANGE'])
|
||||
|
@ -890,7 +890,7 @@ def admin_title_change(user_id, v):
|
|||
return {"message": f"@{user.username}'s flair has been changed!"}
|
||||
|
||||
@app.post("/ban_user/<id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BAN'])
|
||||
|
@ -983,7 +983,7 @@ def ban_user(id, v):
|
|||
|
||||
|
||||
@app.post("/agendaposter/<id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_AGENDAPOSTER'])
|
||||
|
@ -1079,7 +1079,7 @@ def agendaposter(id, v):
|
|||
|
||||
|
||||
@app.post("/unban_user/<id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BAN'])
|
||||
|
@ -1125,7 +1125,7 @@ def unban_user(id, v):
|
|||
return {"message": f"@{user.username} has been unbanned!"}
|
||||
|
||||
@app.post("/mute_user/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BAN'])
|
||||
|
@ -1147,7 +1147,7 @@ def mute_user(v:User, user_id):
|
|||
|
||||
|
||||
@app.post("/unmute_user/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BAN'])
|
||||
|
@ -1167,7 +1167,7 @@ def unmute_user(v:User, user_id):
|
|||
return {"message": f"@{user.username} has been unmuted!"}
|
||||
|
||||
@app.post("/admin/progstack/post/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['PROGSTACK'])
|
||||
|
@ -1188,7 +1188,7 @@ def progstack_post(post_id, v):
|
|||
return {"message": "Progressive stack applied on post!"}
|
||||
|
||||
@app.post("/admin/unprogstack/post/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['PROGSTACK'])
|
||||
|
@ -1207,7 +1207,7 @@ def unprogstack_post(post_id, v):
|
|||
return {"message": "Progressive stack removed from post!"}
|
||||
|
||||
@app.post("/admin/progstack/comment/<int:comment_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['PROGSTACK'])
|
||||
|
@ -1228,7 +1228,7 @@ def progstack_comment(comment_id, v):
|
|||
return {"message": "Progressive stack applied on comment!"}
|
||||
|
||||
@app.post("/admin/unprogstack/comment/<int:comment_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['PROGSTACK'])
|
||||
|
@ -1247,7 +1247,7 @@ def unprogstack_comment(comment_id, v):
|
|||
return {"message": "Progressive stack removed from comment!"}
|
||||
|
||||
@app.post("/remove_post/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1277,7 +1277,7 @@ def remove_post(post_id, v):
|
|||
|
||||
|
||||
@app.post("/approve_post/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1310,7 +1310,7 @@ def approve_post(post_id, v):
|
|||
|
||||
|
||||
@app.post("/distinguish/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
|
||||
|
@ -1340,7 +1340,7 @@ def distinguish_post(post_id, v):
|
|||
|
||||
@app.post("/sticky/<int:post_id>")
|
||||
@feature_required('PINS')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1386,7 +1386,7 @@ def sticky_post(post_id, v):
|
|||
|
||||
|
||||
@app.post("/unsticky/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1417,7 +1417,7 @@ def unsticky_post(post_id, v):
|
|||
return {"message": "Post unpinned!"}
|
||||
|
||||
@app.post("/sticky_comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1455,7 +1455,7 @@ def sticky_comment(cid, v):
|
|||
|
||||
|
||||
@app.post("/unsticky_comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1489,7 +1489,7 @@ def unsticky_comment(cid, v):
|
|||
|
||||
|
||||
@app.post("/remove_comment/<int:c_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1511,7 +1511,7 @@ def remove_comment(c_id, v):
|
|||
|
||||
|
||||
@app.post("/approve_comment/<int:c_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1539,7 +1539,7 @@ def approve_comment(c_id, v):
|
|||
|
||||
|
||||
@app.post("/distinguish_comment/<int:c_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
|
||||
|
@ -1577,7 +1577,7 @@ def admin_banned_domains(v):
|
|||
banned_domains=banned_domains)
|
||||
|
||||
@app.post("/admin/ban_domain")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['DOMAINS_BAN'])
|
||||
|
@ -1610,7 +1610,7 @@ def ban_domain(v):
|
|||
|
||||
|
||||
@app.post("/admin/unban_domain/<path:domain>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['DOMAINS_BAN'])
|
||||
|
@ -1631,7 +1631,7 @@ def unban_domain(v:User, domain):
|
|||
|
||||
|
||||
@app.post("/admin/nuke_user")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1666,7 +1666,7 @@ def admin_nuke_user(v):
|
|||
|
||||
|
||||
@app.post("/admin/unnuke_user")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
|
@ -1702,7 +1702,7 @@ def admin_nunuke_user(v):
|
|||
return {"message": f"@{user.username}'s content has been approved!"}
|
||||
|
||||
@app.post("/blacklist/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BLACKLIST'])
|
||||
|
@ -1724,7 +1724,7 @@ def blacklist_user(user_id, v):
|
|||
return {"message": f"@{user.username} has been blacklisted from restricted holes!"}
|
||||
|
||||
@app.post("/unblacklist/<int:user_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['USER_BLACKLIST'])
|
||||
|
@ -1754,7 +1754,7 @@ def delete_media_get(v):
|
|||
return render_template("admin/delete_media.html", v=v)
|
||||
|
||||
@app.post("/admin/delete_media")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['DELETE_MEDIA'])
|
||||
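Review bot: Nothing on this page says what `rpath` evaluates to, and for the parameterised routes in this file (`/@<username>/make_admin`, `/ban_user/<id>`, `/shadowban/<int:user_id>`) that decides what the `1/second` limit actually bounds. If it resolves to the concrete request path, the limit is per target, and a burst spread across many usernames or ids is held back only by the `DEFAULT_RATELIMIT` lines beneath it; if it resolves to the URL rule, the limit is per action. I would state the intended granularity once next to the definition of `rpath`, e.g. `# scope for the 1/second limit: one bucket per <concrete path | route rule>`, and say in the commit message which error the switch from `path` fixes, since "fix errors" does not. The same applies to every other file section of this commit, as they all make the identical substitution.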
|
|
|
@ -34,7 +34,7 @@ def submit_marseys(v:User):
|
|||
|
||||
|
||||
@app.post("/submit/marseys")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -109,7 +109,7 @@ def verify_permissions_and_get_asset(cls, asset_type:str, v:User, name:str, make
|
|||
return asset
|
||||
|
||||
@app.post("/admin/approve/marsey/<name>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['MODERATE_PENDING_SUBMITTED_ASSETS'])
|
||||
|
@ -209,7 +209,7 @@ def remove_asset(cls, type_name:str, v:User, name:str) -> dict[str, str]:
|
|||
return {"message": f"'{name}' removed!"}
|
||||
|
||||
@app.post("/remove/marsey/<name>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -228,7 +228,7 @@ def submit_hats(v:User):
|
|||
|
||||
|
||||
@app.post("/submit/hats")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -292,7 +292,7 @@ def submit_hat(v:User):
|
|||
|
||||
|
||||
@app.post("/admin/approve/hat/<name>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("120/minute;200/hour;1000/day")
|
||||
@limiter.limit("120/minute;200/hour;1000/day", key_func=get_ID)
|
||||
@admin_level_required(PERMS['MODERATE_PENDING_SUBMITTED_ASSETS'])
|
||||
|
@ -364,7 +364,7 @@ def approve_hat(v, name):
|
|||
return {"message": f"'{hat.name}' approved!"}
|
||||
|
||||
@app.post("/remove/hat/<name>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -391,7 +391,7 @@ def update_marseys(v):
|
|||
|
||||
|
||||
@app.post("/admin/update/marseys")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['UPDATE_ASSETS'])
|
||||
|
@ -452,7 +452,7 @@ def update_hats(v):
|
|||
|
||||
|
||||
@app.post("/admin/update/hats")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['UPDATE_ASSETS'])
|
||||
|
|
|
@ -47,7 +47,7 @@ def shop(v:User):
|
|||
|
||||
|
||||
@app.post("/buy/<award>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("100/minute;200/hour;1000/day")
|
||||
@limiter.limit("100/minute;200/hour;1000/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -129,7 +129,7 @@ def buy(v:User, award):
|
|||
return {"message": f"{award_title} award bought!"}
|
||||
|
||||
@app.post("/award/<thing_type>/<int:id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
|
|
@ -80,7 +80,7 @@ def lottershe(v:User):
|
|||
|
||||
# Slots
|
||||
@app.post("/casino/slots")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -113,7 +113,7 @@ def pull_slots(v:User):
|
|||
|
||||
# 21
|
||||
@app.post("/casino/twentyone/deal")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -134,7 +134,7 @@ def blackjack_deal_to_player(v:User):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/hit")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -151,7 +151,7 @@ def blackjack_player_hit(v:User):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/stay")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -168,7 +168,7 @@ def blackjack_player_stay(v:User):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/double-down")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -185,7 +185,7 @@ def blackjack_player_doubled_down(v:User):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/buy-insurance")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -215,7 +215,7 @@ def roulette_get_bets(v:User):
|
|||
|
||||
|
||||
@app.post("/casino/roulette/place-bet")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(CASINO_RATELIMIT)
|
||||
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -83,7 +83,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
|
|||
return render_template(template, v=v, p=post, sort=sort, comment_info=comment_info, render_replies=True, sub=post.subr)
|
||||
|
||||
@app.post("/comment")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("20/minute;200/hour;1000/day")
|
||||
@limiter.limit("20/minute;200/hour;1000/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -374,7 +374,7 @@ def comment(v:User):
|
|||
return {"comment": render_template("comments.html", v=v, comments=[c])}
|
||||
|
||||
@app.post("/edit_comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/minute;100/hour;200/day")
|
||||
@limiter.limit("10/minute;100/hour;200/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -452,7 +452,7 @@ def edit_comment(cid, v):
|
|||
|
||||
|
||||
@app.post("/delete/comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -475,7 +475,7 @@ def delete_comment(cid, v):
|
|||
return {"message": "Comment deleted!"}
|
||||
|
||||
@app.post("/undelete/comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -497,7 +497,7 @@ def undelete_comment(cid, v):
|
|||
|
||||
@app.post("/pin_comment/<int:cid>")
|
||||
@feature_required('PINS')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -522,7 +522,7 @@ def pin_comment(cid, v):
|
|||
|
||||
|
||||
@app.post("/unpin_comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -546,7 +546,7 @@ def unpin_comment(cid, v):
|
|||
|
||||
|
||||
@app.post("/save_comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -564,7 +564,7 @@ def save_comment(cid, v):
|
|||
return {"message": "Comment saved!"}
|
||||
|
||||
@app.post("/unsave_comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -601,7 +601,7 @@ def diff_words(answer, guess):
|
|||
|
||||
|
||||
@app.post("/wordle/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -635,7 +635,7 @@ def handle_wordle_action(cid, v):
|
|||
|
||||
@app.post("/toggle_comment_nsfw/<int:cid>")
|
||||
@feature_required('NSFW_MARKING')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -62,7 +62,7 @@ def error_500(e):
|
|||
|
||||
|
||||
@app.post("/allow_nsfw")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
def allow_nsfw():
|
||||
session["over_18"] = int(time.time()) + 3600
|
||||
|
|
|
@ -16,7 +16,7 @@ def ping_groups(v:User):
|
|||
return render_template('groups.html', v=v, groups=groups, cost=GROUP_COST, msg=get_msg(), error=get_error())
|
||||
|
||||
@app.post("/create_group")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -55,7 +55,7 @@ def create_group(v):
|
|||
return redirect(f'/ping_groups?msg=!{group} created successfully!')
|
||||
|
||||
@app.post("/!<group_name>/apply")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -71,7 +71,7 @@ def join_group(v:User, group_name):
|
|||
return {"message": f"Application submitted to !{group}'s owner (@{group.owner.username}) successfully!"}
|
||||
|
||||
@app.post("/!<group_name>/leave")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -116,7 +116,7 @@ def memberships(v:User, group_name):
|
|||
return render_template('group_memberships.html', v=v, group=group, members=members, applications=applications)
|
||||
|
||||
@app.post("/!<group_name>/<user_id>/approve")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -139,7 +139,7 @@ def group_approve(v:User, group_name, user_id):
|
|||
return {"message": f'You have approved @{application.user.username} successfully!'}
|
||||
|
||||
@app.post("/!<group_name>/<user_id>/reject")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -29,7 +29,7 @@ def hats(v:User):
|
|||
return render_template("hats.html", owned_hat_ids=owned_hat_ids, hats=hats, v=v, sales=sales, num_of_hats=num_of_hats)
|
||||
|
||||
@app.post("/buy_hat/<int:hat_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit('100/minute;1000/3 days')
|
||||
@limiter.limit('100/minute;1000/3 days', key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -82,7 +82,7 @@ def buy_hat(v:User, hat_id):
|
|||
|
||||
|
||||
@app.post("/equip_hat/<int:hat_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -99,7 +99,7 @@ def equip_hat(v:User, hat_id):
|
|||
return {"message": f"'{hat.name}' equipped!"}
|
||||
|
||||
@app.post("/unequip_hat/<int:hat_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -39,7 +39,7 @@ def login_deduct_when(resp):
|
|||
return g.login_failed
|
||||
|
||||
@app.post("/login")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@auth_desired
|
||||
@limiter.limit("6/minute;10/day", deduct_when=login_deduct_when)
|
||||
|
@ -139,7 +139,7 @@ def me(v:User):
|
|||
|
||||
|
||||
@app.post("/logout")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -199,7 +199,7 @@ def sign_up_get(v:Optional[User]):
|
|||
|
||||
|
||||
@app.post("/signup")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/day")
|
||||
@auth_desired
|
||||
def sign_up_post(v:Optional[User]):
|
||||
|
@ -373,7 +373,7 @@ def get_forgot():
|
|||
|
||||
|
||||
@app.post("/forgot")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
def post_forgot():
|
||||
|
||||
|
@ -439,7 +439,7 @@ def get_reset():
|
|||
|
||||
|
||||
@app.post("/reset")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@auth_desired
|
||||
def post_reset(v:Optional[User]):
|
||||
|
@ -486,7 +486,7 @@ def lost_2fa(v:Optional[User]):
|
|||
return render_template("login/lost_2fa.html", v=v)
|
||||
|
||||
@app.post("/lost_2fa")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("6/minute;200/hour;1000/day")
|
||||
def lost_2fa_post():
|
||||
username=request.values.get("username")
|
||||
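Review bot: The unauthenticated handlers in this file (`/login`, `/signup`, `/forgot`, `/reset`, `/lost_2fa`) carry no `key_func=get_ID` line, so every limit on them, including the re-scoped `1/second` one, is keyed by the limiter's default key function, which is not visible in this commit. Presumably that key is the client address; if so, none of the visible decorators bounds attempts against a single account made from many addresses, and `lost_2fa_post` takes the account name straight from the request (`request.values.get("username")` in the last hunk). The handler bodies lie outside these hunks, so it is worth confirming that they throttle per target account and recording that above each decorator stack, e.g. `# per-client limits only; per-account throttling is done in <handler or helper name>`.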
|
|
|
@ -7,7 +7,7 @@ from files.routes.wrappers import *
|
|||
from files.__main__ import app, limiter
|
||||
|
||||
@app.post("/lottery/end")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['LOTTERY_ADMIN'])
|
||||
|
@ -17,7 +17,7 @@ def lottery_end(v):
|
|||
|
||||
|
||||
@app.post("/lottery/start")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['LOTTERY_ADMIN'])
|
||||
|
@ -27,7 +27,7 @@ def lottery_start(v):
|
|||
|
||||
|
||||
@app.post("/lottery/buy")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("100/minute;500/hour;1000/day")
|
||||
@limiter.limit("100/minute;500/hour;1000/day", key_func=get_ID)
|
||||
@auth_required
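Review bot: On `/lottery/buy` the `100/minute` element of `@limiter.limit("100/minute;500/hour;1000/day")` looks unreachable for the default key, because the `1/second` limit stacked above it already caps one client at roughly 60 requests a minute on this fixed path. That holds only if `rpath` resolves to the request path, which no visible hunk shows, so it should be confirmed at its definition. Either state the real ceiling, `@limiter.limit("60/minute;500/hour;1000/day")`, or add a comment such as `# per-client ceiling is set by the 1/second limit above`, so the configured numbers match what is enforced. The decorated function itself is outside the hunk.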
|
||||
|
|
|
@ -10,7 +10,7 @@ from files.routes.users import claim_rewards
|
|||
from files.__main__ import app, limiter
|
||||
|
||||
@app.post("/verify_email")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -11,7 +11,7 @@ from files.routes.wrappers import *
|
|||
from files.__main__ import app
|
||||
|
||||
@app.post("/clear")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -18,7 +18,7 @@ def authorize_prompt(v:User):
|
|||
return render_template("oauth.html", v=v, application=application)
|
||||
|
||||
@app.post("/authorize")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -39,7 +39,7 @@ def authorize(v):
|
|||
return redirect(f"{application.redirect_uri}?token={access_token}")
|
||||
|
||||
@app.post("/rescind/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -52,7 +52,7 @@ def rescind(v, aid):
|
|||
|
||||
|
||||
@app.post("/api_keys")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -94,7 +94,7 @@ def request_api_keys(v):
|
|||
|
||||
|
||||
@app.post("/delete_app/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -118,7 +118,7 @@ def delete_oauth_app(v, aid):
|
|||
|
||||
|
||||
@app.post("/edit_app/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -143,7 +143,7 @@ def edit_oauth_app(v, aid):
|
|||
|
||||
|
||||
@app.post("/admin/app/approve/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['APPS_MODERATION'])
|
||||
|
@ -181,7 +181,7 @@ def admin_app_approve(v, aid):
|
|||
|
||||
|
||||
@app.post("/admin/app/revoke/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['APPS_MODERATION'])
|
||||
|
@ -208,7 +208,7 @@ def admin_app_revoke(v, aid):
|
|||
|
||||
|
||||
@app.post("/admin/app/reject/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@admin_level_required(PERMS['APPS_MODERATION'])
|
||||
|
@ -298,7 +298,7 @@ def admin_apps_list(v):
|
|||
|
||||
|
||||
@app.post("/reroll/<int:aid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
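Review bot: The context line at the end of `authorize`, `return redirect(f"{application.redirect_uri}?token={access_token}")`, hands the access token to the client in a URL query string, where it lands in browser history, proxy and server logs and possibly `Referer` headers; the rate-limit change in this commit does not touch that. The same line produces a malformed URL if a registered `redirect_uri` already carries a query string. Consider returning a short-lived one-time code that the application exchanges server-side, or at minimum add a comment such as `# token travels in the query string; treat logs for redirect_uri hosts as sensitive`. The rest of `authorize` is outside the hunk, so any validation of `redirect_uri` at registration time is not visible here.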
|
||||
|
|
|
@ -6,7 +6,7 @@ from files.__main__ import app
|
|||
|
||||
|
||||
@app.post("/vote/post/option/<int:option_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -88,7 +88,7 @@ def option_votes(option_id, v):
|
|||
|
||||
|
||||
@app.post("/vote/comment/option/<int:option_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
|
|
@ -33,7 +33,7 @@ from files.__main__ import app, limiter
|
|||
titleheaders = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"}
|
||||
|
||||
@app.post("/publish/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -256,7 +256,7 @@ def more_comments(v, cid):
|
|||
return render_template("comments.html", v=v, comments=comments, p=p, render_replies=True)
|
||||
|
||||
@app.post("/edit_post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/minute;100/hour;200/day")
|
||||
@limiter.limit("10/minute;100/hour;200/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -478,7 +478,7 @@ def thumbnail_thread(pid:int, vid:int):
|
|||
|
||||
|
||||
@app.post("/is_repost")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
def is_repost():
|
||||
not_a_repost = {'permalink': ''}
|
||||
|
@ -524,7 +524,7 @@ def is_repost():
|
|||
|
||||
@app.post("/submit")
|
||||
@app.post("/h/<sub>/submit")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(POST_RATELIMIT)
|
||||
@limiter.limit(POST_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -806,7 +806,7 @@ def submit_post(v:User, sub=None):
|
|||
return {"post_id": post.id}
|
||||
|
||||
@app.post("/delete_post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -834,7 +834,7 @@ def delete_post_pid(pid, v):
|
|||
return {"message": "Post deleted!"}
|
||||
|
||||
@app.post("/undelete_post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -858,7 +858,7 @@ def undelete_post_pid(pid, v):
|
|||
|
||||
@app.post("/mark_post_nsfw/<int:pid>")
|
||||
@feature_required('NSFW_MARKING')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -896,7 +896,7 @@ def mark_post_nsfw(pid, v):
|
|||
|
||||
@app.post("/unmark_post_nsfw/<int:pid>")
|
||||
@feature_required('NSFW_MARKING')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -933,7 +933,7 @@ def unmark_post_nsfw(pid, v):
|
|||
return {"message": "Post has been unmarked as +18!"}
|
||||
|
||||
@app.post("/save_post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -950,7 +950,7 @@ def save_post(pid, v):
|
|||
return {"message": "Post saved!"}
|
||||
|
||||
@app.post("/unsave_post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -966,7 +966,7 @@ def unsave_post(pid, v):
|
|||
return {"message": "Post unsaved!"}
|
||||
|
||||
@app.post("/pin/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -4,7 +4,7 @@ from flask import request, g
|
|||
from files.classes.push_subscriptions import PushSubscription
|
||||
|
||||
@app.post("/push_subscribe")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -12,7 +12,7 @@ from files.routes.wrappers import *
|
|||
from files.__main__ import app, limiter, cache
|
||||
|
||||
@app.post("/report/post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -69,7 +69,7 @@ def flag_post(pid, v):
|
|||
|
||||
|
||||
@app.post("/report/comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -96,7 +96,7 @@ def flag_comment(cid, v):
|
|||
|
||||
|
||||
@app.post('/del_report/post/<int:pid>/<int:uid>')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("100/minute;300/hour;2000/day")
|
||||
@limiter.limit("100/minute;300/hour;2000/day", key_func=get_ID)
|
||||
@admin_level_required(PERMS['FLAGS_REMOVE'])
|
||||
|
@ -121,7 +121,7 @@ def remove_report_post(v, pid, uid):
|
|||
|
||||
|
||||
@app.post('/del_report/comment/<int:cid>/<int:uid>')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("100/minute;300/hour;2000/day")
|
||||
@limiter.limit("100/minute;300/hour;2000/day", key_func=get_ID)
|
||||
@admin_level_required(PERMS['FLAGS_REMOVE'])
|
||||
|
|
|
@ -51,7 +51,7 @@ def remove_background(v):
|
|||
return {"message": "Background removed!"}
|
||||
|
||||
@app.post('/settings/custom_background')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -76,7 +76,7 @@ def upload_custom_background(v):
|
|||
return redirect('/settings/personal')
|
||||
|
||||
@app.post('/settings/profile_background')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -108,7 +108,7 @@ def delete_profile_background(v):
|
|||
return {"message": "Profile background removed!"}
|
||||
|
||||
@app.post("/settings/personal")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -366,7 +366,7 @@ def settings_personal_post(v):
|
|||
|
||||
|
||||
@app.post("/settings/filters")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -395,7 +395,7 @@ def set_color(v:User, attr:str, color:Optional[str]):
|
|||
|
||||
|
||||
@app.post("/settings/namecolor")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -403,7 +403,7 @@ def namecolor(v):
|
|||
return set_color(v, "namecolor", request.values.get("namecolor"))
|
||||
|
||||
@app.post("/settings/themecolor")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -411,7 +411,7 @@ def themecolor(v):
|
|||
return set_color(v, "themecolor", request.values.get("themecolor"))
|
||||
|
||||
@app.post("/settings/titlecolor")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -419,7 +419,7 @@ def titlecolor(v):
|
|||
return set_color(v, "titlecolor", request.values.get("titlecolor"))
|
||||
|
||||
@app.post("/settings/verifiedcolor")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -428,7 +428,7 @@ def verifiedcolor(v):
|
|||
return set_color(v, "verifiedcolor", request.values.get("verifiedcolor"))
|
||||
|
||||
@app.post("/settings/security")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -503,7 +503,7 @@ def settings_security_post(v):
|
|||
return render_template("settings/security.html", v=v, msg="Two-factor authentication disabled!")
|
||||
|
||||
@app.post("/settings/log_out_all_others")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -520,7 +520,7 @@ def settings_log_out_others(v):
|
|||
|
||||
|
||||
@app.post("/settings/images/profile")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -560,7 +560,7 @@ def settings_images_profile(v):
|
|||
|
||||
@app.post("/settings/images/banner")
|
||||
@feature_required('USERS_PROFILE_BANNER')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -589,7 +589,7 @@ def settings_css_get(v:User):
|
|||
return render_template("settings/css.html", v=v, msg=get_msg(), profilecss=v.profilecss)
|
||||
|
||||
@app.post("/settings/css")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -602,7 +602,7 @@ def settings_css(v):
|
|||
return render_template("settings/css.html", v=v, msg="Custom CSS successfully updated!", profilecss=v.profilecss)
|
||||
|
||||
@app.post("/settings/profilecss")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -629,7 +629,7 @@ def settings_security(v:User):
|
|||
)
|
||||
|
||||
@app.post("/settings/block")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("20/day")
|
||||
@limiter.limit("20/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -657,7 +657,7 @@ def settings_block_user(v):
|
|||
|
||||
|
||||
@app.post("/settings/unblock")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -686,7 +686,7 @@ def settings_advanced_get(v:User):
|
|||
return render_template("settings/advanced.html", v=v, msg=get_msg(), error=get_error())
|
||||
|
||||
@app.post("/settings/name_change")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -726,7 +726,7 @@ def settings_name_change(v):
|
|||
|
||||
@app.post("/settings/song_change_mp3")
|
||||
@feature_required('USERS_PROFILE_SONG')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/day")
|
||||
@limiter.limit("10/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -791,7 +791,7 @@ def _change_song_youtube(vid, id):
|
|||
|
||||
@app.post("/settings/song_change")
|
||||
@feature_required('USERS_PROFILE_SONG')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/day")
|
||||
@limiter.limit("10/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -843,7 +843,7 @@ def settings_song_change(v):
|
|||
return redirect("/settings/personal?msg=Profile Anthem successfully updated. Wait 5 minutes for the change to take effect.")
|
||||
|
||||
@app.post("/settings/title_change")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -873,7 +873,7 @@ def settings_title_change(v):
|
|||
|
||||
@app.post("/settings/pronouns_change")
|
||||
@feature_required('PRONOUNS')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -900,7 +900,7 @@ def settings_pronouns_change(v):
|
|||
|
||||
|
||||
@app.post("/settings/checkmark_text")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -915,7 +915,7 @@ def settings_checkmark_text(v):
|
|||
|
||||
if IS_FISTMAS():
|
||||
@app.post("/events/fistmas2022/darkmode")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
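Review bot: `/settings/security` gets the same `DEFAULT_RATELIMIT` as cosmetic routes such as `/settings/namecolor`, although the context line in the following hunk shows `settings_security_post` can disable two-factor authentication. If that handler checks the current password or a TOTP code (its body is outside the hunk), this limit is what bounds guessing from a hijacked session, and the login file in this commit uses a much tighter `"6/minute;10/day"` on the route with `deduct_when=login_deduct_when`. `DEFAULT_RATELIMIT` is not defined in any visible hunk; if it is looser than that, give this route an explicit limit, for example `@limiter.limit("6/minute;10/day", key_func=get_ID)`.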
|
||||
|
|
|
@ -244,7 +244,7 @@ def contact(v:Optional[User]):
|
|||
return render_template("contact.html", v=v, msg=get_msg())
|
||||
|
||||
@app.post("/contact")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("1/2 minutes;10/day")
|
||||
@limiter.limit("1/2 minutes;10/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -344,7 +344,7 @@ def mobile_app(v:Optional[User]):
|
|||
return render_template("app.html", v=v)
|
||||
|
||||
@app.post("/dismiss_mobile_tip")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
def dismiss_mobile_tip():
|
||||
session["tooltip_last_dismissed"] = int(time.time())
|
||||
|
|
|
@ -8,7 +8,7 @@ from .front import frontlist
|
|||
from files.__main__ import app, cache, limiter
|
||||
|
||||
@app.post("/exile/post/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -42,7 +42,7 @@ def exile_post(v:User, pid):
|
|||
return {"message": f"@{u.username} has been exiled from /h/{sub} successfully!"}
|
||||
|
||||
@app.post("/exile/comment/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -76,7 +76,7 @@ def exile_comment(v:User, cid):
|
|||
return {"message": f"@{u.username} has been exiled from /h/{sub} successfully!"}
|
||||
|
||||
@app.post("/h/<sub>/unexile/<int:uid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -107,7 +107,7 @@ def unexile(v:User, sub, uid):
|
|||
return redirect(f'/h/{sub}/exilees')
|
||||
|
||||
@app.post("/h/<sub>/block")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -121,7 +121,7 @@ def block_sub(v:User, sub):
|
|||
return {"message": f"/h/{sub} blocked successfully!"}
|
||||
|
||||
@app.post("/h/<sub>/unblock")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -139,7 +139,7 @@ def unblock_sub(v:User, sub):
|
|||
return {"message": f"/h/{sub.name} unblocked successfully!"}
|
||||
|
||||
@app.post("/h/<sub>/subscribe")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -153,7 +153,7 @@ def subscribe_sub(v:User, sub):
|
|||
return {"message": f"/h/{sub} unblocked successfully!"}
|
||||
|
||||
@app.post("/h/<sub>/unsubscribe")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -166,7 +166,7 @@ def unsubscribe_sub(v:User, sub):
|
|||
return {"message": f"/h/{sub} blocked successfully!"}
|
||||
|
||||
@app.post("/h/<sub>/follow")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -183,7 +183,7 @@ def follow_sub(v:User, sub):
|
|||
return {"message": f"/h/{sub} followed successfully!"}
|
||||
|
||||
@app.post("/h/<sub>/unfollow")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -257,7 +257,7 @@ def sub_followers(v:User, sub):
|
|||
|
||||
|
||||
@app.post("/h/<sub>/add_mod")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("30/day")
|
||||
@limiter.limit("30/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -296,7 +296,7 @@ def add_mod(v:User, sub):
|
|||
return redirect(f'/h/{sub}/mods')
|
||||
|
||||
@app.post("/h/<sub>/remove_mod")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -348,7 +348,7 @@ def create_sub(v):
|
|||
return render_template("sub/create_hole.html", v=v, cost=HOLE_COST, error=get_error())
|
||||
|
||||
@app.post("/create_hole")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -384,7 +384,7 @@ def create_sub2(v):
|
|||
return redirect(f'/h/{sub}')
|
||||
|
||||
@app.post("/kick/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -428,7 +428,7 @@ def sub_settings(v:User, sub):
|
|||
|
||||
|
||||
@app.post('/h/<sub>/sidebar')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -454,7 +454,7 @@ def post_sub_sidebar(v:User, sub):
|
|||
|
||||
|
||||
@app.post('/h/<sub>/css')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -496,7 +496,7 @@ def get_sub_css(sub):
|
|||
return resp
|
||||
|
||||
@app.post("/h/<sub>/settings/banners/")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("50/day")
|
||||
@limiter.limit("50/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -584,7 +584,7 @@ def delete_all_sub_banners(v:User, sub:str):
|
|||
return {"message": f"Deleted all banners from /h/{sub} successfully"}
|
||||
|
||||
@app.post("/h/<sub>/sidebar_image")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/day")
|
||||
@limiter.limit("10/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -616,7 +616,7 @@ def sub_sidebar(v:User, sub):
|
|||
return redirect(f'/h/{sub}/settings')
|
||||
|
||||
@app.post("/h/<sub>/marsey_image")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/day")
|
||||
@limiter.limit("10/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -658,7 +658,7 @@ def subs(v:User):
|
|||
return render_template('sub/subs.html', v=v, subs=subs, total_users=total_users)
|
||||
|
||||
@app.post("/hole_pin/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -689,7 +689,7 @@ def hole_pin(v:User, pid):
|
|||
return {"message": f"Post pinned to /h/{p.sub} successfully!"}
|
||||
|
||||
@app.post("/hole_unpin/<int:pid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -721,7 +721,7 @@ def hole_unpin(v:User, pid):
|
|||
|
||||
|
||||
@app.post('/h/<sub>/stealth')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -756,7 +756,7 @@ def sub_stealth(v:User, sub):
|
|||
|
||||
@app.post("/mod_pin/<int:cid>")
|
||||
@feature_required('PINS')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -786,7 +786,7 @@ def mod_pin(cid, v):
|
|||
return {"message": "Comment pinned!"}
|
||||
|
||||
@app.post("/unmod_pin/<int:cid>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
|
|
@ -315,7 +315,7 @@ def downvoting(v:User, username:str):
|
|||
|
||||
@app.post("/@<username>/suicide")
|
||||
@feature_required('USERS_SUICIDE')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("5/day")
|
||||
@limiter.limit("5/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -376,7 +376,7 @@ def transfer_currency(v:User, username:str, currency_name:Literal['coins', 'mars
|
|||
return {"message": f"{amount - tax} {currency_name} have been transferred to @{receiver.username}"}
|
||||
|
||||
@app.post("/@<username>/transfer_coins")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -385,7 +385,7 @@ def transfer_coins(v:User, username:str):
|
|||
|
||||
@app.post("/@<username>/transfer_bux")
|
||||
@feature_required('MARSEYBUX')
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -477,7 +477,7 @@ def usersong(username:str):
|
|||
else: abort(404)
|
||||
|
||||
@app.post("/subscribe/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -489,7 +489,7 @@ def subscribe(v, post_id):
|
|||
return {"message": "Subscribed to post successfully!"}
|
||||
|
||||
@app.post("/unsubscribe/<int:post_id>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -500,7 +500,7 @@ def unsubscribe(v, post_id):
|
|||
return {"message": "Unsubscribed from post successfully!"}
|
||||
|
||||
@app.post("/@<username>/message")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("10/minute;20/hour;50/day")
|
||||
@limiter.limit("10/minute;20/hour;50/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -563,7 +563,7 @@ def message2(v:User, username:str):
|
|||
|
||||
|
||||
@app.post("/reply")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("6/minute;50/hour;200/day")
|
||||
@limiter.limit("6/minute;50/hour;200/day", key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -1087,7 +1087,7 @@ def u_user_id_info(id, v=None):
|
|||
return user.json
|
||||
|
||||
@app.post("/follow/<username>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -1115,7 +1115,7 @@ def follow_user(username, v):
|
|||
return {"message": f"@{target.username} has been followed!"}
|
||||
|
||||
@app.post("/unfollow/<username>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -1144,7 +1144,7 @@ def unfollow_user(username, v):
|
|||
return {"message": f"@{target.username} has been unfollowed!"}
|
||||
|
||||
@app.post("/remove_follow/<username>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -1240,7 +1240,7 @@ def subscribed_posts(v:User, username):
|
|||
return get_saves_and_subscribes(v, "userpage/submissions.html", Subscription, page, False)
|
||||
|
||||
@app.post("/fp/<fp>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
@ -1402,7 +1402,7 @@ if KOFI_TOKEN:
|
|||
return ''
|
||||
|
||||
@app.post("/gumroad")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
def gumroad():
|
||||
data = request.values
|
||||
|
@ -1435,7 +1435,7 @@ def gumroad():
|
|||
|
||||
|
||||
@app.post("/settings/claim_rewards")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit(DEFAULT_RATELIMIT)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||
@auth_required
|
||||
|
|
|
@ -195,7 +195,7 @@ def vote_post_comment(target_id, new, v, cls, vote_cls):
|
|||
|
||||
|
||||
@app.post("/vote/post/<int:post_id>/<new>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("60/minute;1000/hour;2000/day")
|
||||
@limiter.limit("60/minute;1000/hour;2000/day", key_func=get_ID)
|
||||
@is_not_permabanned
|
||||
|
@ -203,7 +203,7 @@ def vote_post(post_id, new, v):
|
|||
return vote_post_comment(post_id, new, v, Submission, Vote)
|
||||
|
||||
@app.post("/vote/comment/<int:comment_id>/<new>")
|
||||
@limiter.limit('1/second', scope=path)
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit("60/minute;1000/hour;2000/day")
|
||||
@limiter.limit("60/minute;1000/hour;2000/day", key_func=get_ID)
|
||||
@is_not_permabanned
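Review bot: The `1/second` limit on `/vote/post/<int:post_id>/<new>` and `/vote/comment/<int:comment_id>/<new>` is scoped with `scope=rpath`, and `rpath` returns `request.path`, so the bucket is per exact URL rather than per route. As written it only stops the same vote being submitted twice within a second; the cap across different posts or comments is the `60/minute;1000/hour;2000/day` pair below it. The `1/second` line also has no `key_func=get_ID` counterpart, so it is keyed only by the limiter's default key, which this page does not show. A comment above the decorator would keep readers from taking it for a global throttle, e.g. `# per-URL double-submit guard (scope=rpath); the 60/minute limits are the real cap`. The decorated function for the second route starts after the hunk ends.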
|
||||
|
|
|
@ -10,7 +10,7 @@ from files.helpers.settings import get_setting
|
|||
from files.routes.routehelpers import validate_formkey
|
||||
from files.__main__ import app, db_session, limiter
|
||||
|
||||
def path(n):
|
||||
def rpath(n):
|
||||
return request.path
|
||||
|
||||
def get_ID():
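Review bot: `rpath(n)` never uses its parameter and has no docstring, so nothing here explains why the argument exists or what scope the limiter ends up with. Flask-Limiter appears to call a callable `scope` with the endpoint name, which is presumably what `n` receives. A one-line docstring would record that, e.g. `"""Scope callback for limiter.limit: key the limit on request.path; the argument the limiter passes is ignored."""`. It is also worth noting there that routes with variable segments get one bucket per concrete URL, since every `scope=rpath` decorator in this commit inherits that behaviour. `get_ID` continues outside the hunk.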
|
||||
|
|