ratelimiting: use ratelimit_user everywhere

files/routes/comments.py

@@ -81,7 +81,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
 
 @app.post("/comment")
 @limiter.limit("1/second;20/minute;200/hour;1000/day")
-@limiter.limit("1/second;20/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;20/minute;200/hour;1000/day")
 @auth_required
 def comment(v):
 	if v.is_suspended: abort(403, "You can't perform this action while banned.")
@@ -368,7 +368,7 @@ def comment(v):
 
 @app.post("/edit_comment/<cid>")
 @limiter.limit("1/second;10/minute;100/hour;200/day")
-@limiter.limit("1/second;10/minute;100/hour;200/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;10/minute;100/hour;200/day")
 @is_not_permabanned
 def edit_comment(cid, v):
 	c = get_comment(cid, v=v)

files/routes/posts.py

@@ -310,7 +310,7 @@ def morecomments(v, cid):
 
 @app.post("/edit_post/<pid>")
 @limiter.limit("1/second;10/minute;100/hour;200/day")
-@limiter.limit("1/second;10/minute;100/hour;200/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;10/minute;100/hour;200/day")
 @is_not_permabanned
 def edit_post(pid, v):
 	p = get_post(pid)
@@ -1072,7 +1072,7 @@ extensions = IMAGE_FORMATS + VIDEO_FORMATS + AUDIO_FORMATS
 
 @app.get("/submit/title")
 @limiter.limit("3/minute")
-@limiter.limit("3/minute", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("3/minute")
 @auth_required
 def get_post_title(v):
 	url = request.values.get("url")

files/routes/settings.py

@@ -580,7 +580,7 @@ def settings_security(v):
 
 @app.post("/settings/block")
 @limiter.limit("1/second;20/day")
-@limiter.limit("1/second;20/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;20/day")
 @auth_required
 def settings_block_user(v):
 	user = get_user(request.values.get("username"), graceful=True)
@@ -670,7 +670,7 @@ def settings_name_change(v):
 @app.post("/settings/song_change_mp3")
 @feature_required('USERS_PROFILE_SONG')
 @limiter.limit("3/second;10/day")
-@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("3/second;10/day")
 @auth_required
 def settings_song_change_mp3(v):
 	file = request.files['file']
@@ -698,7 +698,7 @@ def settings_song_change_mp3(v):
 @app.post("/settings/song_change")
 @feature_required('USERS_PROFILE_SONG')
 @limiter.limit("3/second;10/day")
-@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("3/second;10/day")
 @auth_required
 def settings_song_change(v):
 	song=request.values.get("song").strip()

files/routes/static.py

@@ -208,7 +208,7 @@ def contact(v):
 
 @app.post("/send_admin")
 @limiter.limit("1/second;1/2 minutes;10/day")
-@limiter.limit("1/second;1/2 minutes;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;1/2 minutes;10/day")
 @auth_required
 def submit_contact(v):
 	body = request.values.get("message")

files/routes/subs.py

@@ -232,7 +232,7 @@ def sub_followers(v, sub):
 
 @app.post("/h/<sub>/add_mod")
 @limiter.limit("1/second;30/day")
-@limiter.limit("1/second;30/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;30/day")
 @is_not_permabanned
 def add_mod(v, sub):
 	if SITE_NAME == 'WPD': abort(403)
@@ -457,7 +457,7 @@ def get_sub_css(sub):
 
 @app.post("/h/<sub>/banner")
 @limiter.limit("1/second;10/day")
-@limiter.limit("1/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;10/day")
 @is_not_permabanned
 def sub_banner(v, sub):
 	if g.is_tor: abort(403, "Image uploads are not allowed through TOR.")
@@ -490,7 +490,7 @@ def sub_banner(v, sub):
 
 @app.post("/h/<sub>/sidebar_image")
 @limiter.limit("1/second;10/day")
-@limiter.limit("1/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;10/day")
 @is_not_permabanned
 def sub_sidebar(v, sub):
 	if g.is_tor: abort(403, "Image uploads are not allowed through TOR.")
@@ -522,7 +522,7 @@ def sub_sidebar(v, sub):
 
 @app.post("/h/<sub>/marsey_image")
 @limiter.limit("1/second;10/day")
-@limiter.limit("1/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;10/day")
 @is_not_permabanned
 def sub_marsey(v, sub):
 	if g.is_tor: abort(403, "Image uploads are not allowed through TOR.")

files/routes/users.py

@@ -255,7 +255,7 @@ def downvoting(v, username):
 @app.post("/@<username>/suicide")
 @feature_required('USERS_SUICIDE')
 @limiter.limit("1/second;5/day")
-@limiter.limit("1/second;5/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;5/day")
 @auth_required
 def suicide(v, username):
 	
@@ -416,7 +416,7 @@ def unsubscribe(v, post_id):
 
 @app.post("/@<username>/message")
 @limiter.limit("1/second;10/minute;20/hour;50/day")
-@limiter.limit("1/second;10/minute;20/hour;50/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;10/minute;20/hour;50/day")
 @is_not_permabanned
 def message2(v, username):
 	user = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
@@ -481,7 +481,7 @@ def message2(v, username):
 
 @app.post("/reply")
 @limiter.limit("1/second;6/minute;50/hour;200/day")
-@limiter.limit("1/second;6/minute;50/hour;200/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("1/second;6/minute;50/hour;200/day")
 @auth_required
 def messagereply(v):
 	body = sanitize_raw_body(request.values.get("body"), False)

files/routes/votes.py

@@ -166,14 +166,14 @@ def vote_post_comment(target_id, new, v, cls, vote_cls):
 
 @app.post("/vote/post/<post_id>/<new>")
 @limiter.limit("5/second;60/minute;1000/hour;2000/day")
-@limiter.limit("5/second;60/minute;1000/hour;2000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("5/second;60/minute;1000/hour;2000/day")
 @is_not_permabanned
 def vote_post(post_id, new, v):
 	return vote_post_comment(post_id, new, v, Submission, Vote)
 
 @app.post("/vote/comment/<comment_id>/<new>")
 @limiter.limit("5/second;60/minute;1000/hour;2000/day")
-@limiter.limit("5/second;60/minute;1000/hour;2000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@ratelimit_user("5/second;60/minute;1000/hour;2000/day")
 @is_not_permabanned
 def vote_comment(comment_id, new, v):
 	return vote_post_comment(comment_id, new, v, Comment, CommentVote)