almet/ihatemoney
1
0
Fork 0
mirror of https://github.com/spiral-project/ihatemoney.git synced 2025-04-28 17:32:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

API Limiting preventing Abuse

Browse source
This commit is contained in:
Linkan333 2025-04-16 20:29:36 +02:00
parent c5b02b866f
commit 77926cd047
1 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
ihatemoney/api/common.py
View file

@ -26,12 +26,14 @@ limiter = Limiter(
"100 per day",
"5 per minute"
],
storge_uri="redis://localhost:6379"
storage_options={"socket_connection_timeout": 30},
storage_uri="redis://localhost:6379",
storage_options={
"socket_connect_timeout": 30,
"retry_on_timeout": True # Retry logic
},
strategy="fixed-window-elastic-expiry"
)
def need_auth(f):
@limiter.limit("5 per minute", key_func=lambda: request.authorization.username if request.authorization else get_remote_address())
@wraps(f)
@ -233,5 +235,7 @@ class TokenHandler(Resource):
if not project:
return "Not Found", 404
token = project.generate_token()
return {"token": token}, 200
token = project.generate_token(
expiration=current_app.config.get('TOKEN_EXPIRY', 86400),
)
return {"token": token, "expires_in": 86400}, 200