almet/ihatemoney
1
0
Fork 0
mirror of https://github.com/spiral-project/ihatemoney.git synced 2025-04-28 17:32:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

API Limiting preventing Abuse

Browse source
This commit is contained in:
Linkan333 2025-04-16 20:29:36 +02:00
parent c5b02b866f
commit 77926cd047
1 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
ihatemoney/api/common.py
View file

@ -26,12 +26,14 @@ limiter = Limiter(
"100 per day", "100 per day",
"5 per minute" "5 per minute"
], ],
storge_uri="redis://localhost:6379" storage_uri="redis://localhost:6379",
storage_options={"socket_connection_timeout": 30}, storage_options={
"socket_connect_timeout": 30,
"retry_on_timeout": True # Retry logic
},
strategy="fixed-window-elastic-expiry" strategy="fixed-window-elastic-expiry"
) )
def need_auth(f): def need_auth(f):
@limiter.limit("5 per minute", key_func=lambda: request.authorization.username if request.authorization else get_remote_address()) @limiter.limit("5 per minute", key_func=lambda: request.authorization.username if request.authorization else get_remote_address())
@wraps(f) @wraps(f)
@ -233,5 +235,7 @@ class TokenHandler(Resource):
if not project: if not project:
return "Not Found", 404 return "Not Found", 404
token = project.generate_token() token = project.generate_token(
return {"token": token}, 200 expiration=current_app.config.get('TOKEN_EXPIRY', 86400),
)
return {"token": token, "expires_in": 86400}, 200