testing

files/routes/settings.py

@@ -34,7 +34,7 @@ tiers={
 	}
 
 @app.post("/settings/removebackground")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def removebackground(v):
 	v.background = None
@@ -43,7 +43,7 @@ def removebackground(v):
 	return {"message": "Background removed!"}
 
 @app.post("/settings/profile")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_profile_post(v):
 	if v and v.patron:
@@ -409,7 +409,7 @@ def changelogsub(v):
 	else: return {"message": "You have unsubscribed from the changelog!"}
 
 @app.post("/settings/namecolor")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def namecolor(v):
 
@@ -422,7 +422,7 @@ def namecolor(v):
 	return redirect("/settings/profile")
 	
 @app.post("/settings/themecolor")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def themecolor(v):
 
@@ -435,7 +435,7 @@ def themecolor(v):
 	return redirect("/settings/profile")
 
 @app.post("/settings/gumroad")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def gumroad(v):
 	if SITE_NAME == 'Drama': patron = 'Paypig'
@@ -487,7 +487,7 @@ def gumroad(v):
 	return {"message": f"{patron} rewards claimed!"}
 
 @app.post("/settings/titlecolor")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def titlecolor(v):
 
@@ -500,7 +500,7 @@ def titlecolor(v):
 	return redirect("/settings/profile")
 
 @app.post("/settings/verifiedcolor")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def verifiedcolor(v):
 	verifiedcolor = str(request.values.get("verifiedcolor", "")).strip()
@@ -512,7 +512,7 @@ def verifiedcolor(v):
 	return redirect("/settings/profile")
 
 @app.post("/settings/security")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_security_post(v):
 	if request.values.get("new_password"):
@@ -595,7 +595,7 @@ def settings_security_post(v):
 		return render_template("settings_security.html", v=v, msg="Two-factor authentication disabled.")
 
 @app.post("/settings/log_out_all_others")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_log_out_others(v):
 
@@ -616,7 +616,7 @@ def settings_log_out_others(v):
 
 
 @app.post("/settings/images/profile")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_images_profile(v):
 	if v and v.patron:
@@ -651,7 +651,7 @@ def settings_images_profile(v):
 
 
 @app.post("/settings/images/banner")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_images_banner(v):
 	if v and v.patron:
@@ -676,7 +676,7 @@ def settings_images_banner(v):
 
 
 @app.post("/settings/delete/profile")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_delete_profile(v):
 
@@ -689,7 +689,7 @@ def settings_delete_profile(v):
 						   msg="Profile picture successfully removed.")
 
 @app.post("/settings/delete/banner")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_delete_banner(v):
 
@@ -714,7 +714,7 @@ def settings_css_get(v):
 	return render_template("settings_css.html", v=v)
 
 @app.post("/settings/css")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_css(v):
 	if v.agendaposter: return {"error": "Agendapostered users can't edit css!"}
@@ -734,7 +734,7 @@ def settings_profilecss_get(v):
 	return render_template("settings_profilecss.html", v=v)
 
 @app.post("/settings/profilecss")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_profilecss(v):
 	if v.truecoins < 1000 and not v.patron: return f"You must have +1000 {COINS_NAME} or be a paypig to set profile css."
@@ -746,7 +746,7 @@ def settings_profilecss(v):
 	return render_template("settings_profilecss.html", v=v)
 
 @app.post("/settings/block")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_block_user(v):
 
@@ -780,7 +780,7 @@ def settings_block_user(v):
 
 
 @app.post("/settings/unblock")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_unblock_user(v):
 
@@ -809,7 +809,7 @@ def settings_apps(v):
 
 
 @app.post("/settings/remove_discord")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_remove_discord(v):
 
@@ -829,7 +829,7 @@ def settings_content_get(v):
 	return render_template("settings_filters.html", v=v)
 
 @app.post("/settings/name_change")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @is_not_permabanned
 def settings_name_change(v):
 
@@ -873,7 +873,7 @@ def settings_name_change(v):
 	return redirect("/settings/profile")
 
 @app.post("/settings/song_change")
-@limiter.limit("5/day;1/second")
+@limiter.limit("1/second;5/day")
 @auth_required
 def settings_song_change(v):
 	song=request.values.get("song").strip()
@@ -951,7 +951,7 @@ def settings_song_change(v):
 	return redirect("/settings/profile")
 
 @app.post("/settings/title_change")
-@limiter.limit("1/second")
+@limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_required
 def settings_title_change(v):