From 276992730a79ba35476d190fb90e44041b1ac2e5 Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Sat, 20 Apr 2024 17:00:35 +0200
Subject: [PATCH] restore 1/second ratelimit and add comments

---
 files/routes/awards.py |  6 ++++--
 files/routes/casino.py | 32 ++++++++++++++++----------------
 2 files changed, 20 insertions(+), 18 deletions(-)

diff --git a/files/routes/awards.py b/files/routes/awards.py
index f9c8c6a9b..531dcb7bf 100644
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@@ -124,6 +124,8 @@ def buy_awards(v, kind, AWARDS, quantity):
 
 
 @app.post("/buy/<kind>")
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit("100/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400)
 @limiter.limit("100/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -150,8 +152,8 @@ def alter_body(obj):
 		obj.title_html = filter_emojis_only(obj.title, golden=False, obj=obj, author=obj.author)
 
 @app.post("/award/<thing_type>/<int:id>")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
diff --git a/files/routes/casino.py b/files/routes/casino.py
index e8fb58027..63b5db744 100644
--- a/files/routes/casino.py
+++ b/files/routes/casino.py
@@ -80,8 +80,8 @@ def lottershe(v):
 
 # Slots
 @app.post("/casino/slots")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -114,8 +114,8 @@ def pull_slots(v):
 
 # 21
 @app.post("/casino/twentyone/deal")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -136,8 +136,8 @@ def blackjack_deal_to_player(v):
 
 
 @app.post("/casino/twentyone/hit")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -155,8 +155,8 @@ def blackjack_player_hit(v):
 
 
 @app.post("/casino/twentyone/stay")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -174,8 +174,8 @@ def blackjack_player_stay(v):
 
 
 @app.post("/casino/twentyone/double_down")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -192,8 +192,8 @@ def blackjack_player_doubled_down(v):
 
 
 @app.post("/casino/twentyone/buy_insurance")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -209,8 +209,8 @@ def blackjack_player_bought_insurance(v):
 		abort(403, "Unable to buy insurance!")
 
 @app.post("/casino/twentyone/split")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
@@ -240,8 +240,8 @@ def roulette_get_bets(v):
 
 
 @app.post("/casino/roulette/place_bet")
-@limiter.limit('1/second', scope=rpath)
-@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit('1/second', scope=rpath) #Needed to fix race condition
+@limiter.limit('1/second', scope=rpath, key_func=get_ID) #Needed to fix race condition
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
 @limiter.limit(CASINO_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required