add better rate limits
Build and Push Docker Container / build-and-push (push) Successful in 1m48s

2025-10-24 21:59:02 +02:00
parent 6f85ee1856
commit 180fd1c071
2 changed files with 7 additions and 5 deletions
+5
@@ -6,6 +6,11 @@ from my_modules.functions import get_ip, enforce_custom_limit
@app.errorhandler(401) @app.errorhandler(401)
async def handle_unauthorized(e): async def handle_unauthorized(e):
try:
enforce_custom_limit(LIMITER, "401", limit_count=5, window_sec=1800)
except LookupError as e:
return await to_many_requests(e)
await logger.error(e) await logger.error(e)
return redirect(url_for('auth_login.login')) return redirect(url_for('auth_login.login'))
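Review bot: In `handle_unauthorized`, the rate-limited path returns from the `except LookupError` branch before `await logger.error(e)` runs, so the 401s that exceed the limit, which are the ones a brute-force alert would key on, leave no log entry; moving `await logger.error(e)` above the `try` keeps them visible. The bucket name passed to `enforce_custom_limit` is the constant `"401"`, and the helper's body is not shown here: if it does not mix the client address (for example via the imported `get_ip`) into the key, five unauthorized requests from one client within 1800 seconds would throttle every other user's redirect to login, so confirm that the key is per client. Rebinding `e` in `except LookupError as e:` also shadows the handler argument; a distinct name such as `except LookupError as limit_err:` with `return await to_many_requests(limit_err)` is easier to read.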
+2 -5
@@ -10,35 +10,32 @@ from datetime import datetime, timezone
side_main_bp = Blueprint('side_main', __name__) side_main_bp = Blueprint('side_main', __name__)
@side_main_bp.route('/') @side_main_bp.route('/')
@LIMITER.limit("10 per minute") @LIMITER.limit("10 per minute;50 per hour")
async def index(): async def index():
if session.get("user") is not None: if session.get("user") is not None:
return await render_template("views/webpage/upload.htm") return await render_template("views/webpage/upload.htm")
return await render_template("views/webpage/index.htm") return await render_template("views/webpage/index.htm")
@side_main_bp.route('/files') @side_main_bp.route('/files')
@LIMITER.limit("10 per minute")
@login_required @login_required
async def files(user): async def files(user):
files_data = await current_app.edgedb.get_files(current_datetime=datetime.now(timezone.utc), user_id=user['sub']) files_data = await current_app.edgedb.get_files(current_datetime=datetime.now(timezone.utc), user_id=user['sub'])
return await render_template("views/webpage/files_list.htm", files=files_data) return await render_template("views/webpage/files_list.htm", files=files_data)
@side_main_bp.route('/files/<path:file_id>/info') @side_main_bp.route('/files/<path:file_id>/info')
@LIMITER.limit("10 per minute")
@login_required @login_required
async def file_info(file_id, user): async def file_info(file_id, user):
files_data = await current_app.edgedb.get_files(user_id=user['sub']) files_data = await current_app.edgedb.get_files(user_id=user['sub'])
return await render_template("views/webpage/.htm", files=files_data) return await render_template("views/webpage/.htm", files=files_data)
@side_main_bp.route('/files/<path:file_id>/edit') @side_main_bp.route('/files/<path:file_id>/edit')
@LIMITER.limit("10 per minute")
@login_required @login_required
async def file_edit(file_id, user): async def file_edit(file_id, user):
files_data = await current_app.edgedb.get_files(user_id=user['sub']) files_data = await current_app.edgedb.get_files(user_id=user['sub'])
return await render_template("views/webpage/.htm", files=files_data) return await render_template("views/webpage/.htm", files=files_data)
@side_main_bp.route("/-<file_id>") @side_main_bp.route("/-<file_id>")
@LIMITER.limit("10 per minute") @LIMITER.limit("10 per minute;500 per hour;")
async def serve_file(file_id: str): async def serve_file(file_id: str):
file_data = await current_app.edgedb.get_file(file_id=file_id) file_data = await current_app.edgedb.get_file(file_id=file_id)
if not file_data: if not file_data: