Fix #241: admin action rate limits too low.

Explicitly exempts admin action routes from rate limiting because
the limits were being hit during normal user behavior.

While verbose, alternatives like grouping admin routes into e.g. a
Flask blueprint to modify their behavior as a collective would have
been a larger refactor than seemed wise at the moment.

Also, some routes that were limited at 1/second were originally set
as such as a makeshift debounce for people double-clicking buttons.
This was discussed and deemed an acceptable risk compared to making
the mod queue more frustrating to go through.

TLSM 2022-09-06 03:56:59 -04:00 committed by Ben Rog-Wilhelm
parent 13a6444f67
commit 7a6f95a3b1
2 changed files with 55 additions and 22 deletions

@ -7,7 +7,7 @@ from files.__main__ import app, limiter, cache
from os import environ
@app.get("/votes")
@limiter.limit("5/second;60/minute;200/hour;1000/day")
@limiter.exempt
@admin_level_required(3)
def admin_vote_info_get(v):
link = request.values.get("link")
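Review bot: `@limiter.exempt` on `admin_vote_info_get` lifts rate limiting for every request to `/votes`, not only for callers who pass `@admin_level_required(3)`, so requests that the admin check rejects are no longer throttled either. If the intent is only to stop admins from hitting the limit, consider keeping the `@limiter.limit(...)` line and passing Flask-Limiter's `exempt_when=` with a callable that returns true for an authenticated admin, so that other callers still get the old limit. If the blanket exemption is kept, a short comment above the decorator that points to #241 and to the accepted loss of the double-click debounce would stop a later cleanup from restoring the limit by accident.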