From 2a7f13c1ffa56b7c5d040f00735da6f7b6a75f55 Mon Sep 17 00:00:00 2001 From: Xevion Date: Tue, 24 Dec 2019 23:33:01 -0600 Subject: [PATCH] fixed ratelimiting to proper "view" args of the request context, changed format to be more respectable, less hideous error message kinda wanted to create a dynamically changing error message to properly convey which rate limit was hit, but that would mean 2 database accesses per error at worst (minimum) --- app/sound.py | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/app/sound.py b/app/sound.py index cb265bd..531fab6 100644 --- a/app/sound.py +++ b/app/sound.py @@ -1,4 +1,4 @@ -from app import app, db +from app import app, db, limiter from app.sound_models import YouTubeAudio, SoundcloudAudio from flask import Response, send_file, redirect, url_for, render_template, request from multiprocessing import Value @@ -23,20 +23,21 @@ def get_youtube(mediaid): db.session.commit() return audio +# Under the request context, it grabs the same args needed to decide whether the stream has been downloaded previously +# It applies rate limiting differently based on service, and whether the stream has been accessed previously def downloadLimiter(): - service = request.args.get('service') - mediaid = request.args.get('mediaid') + service, mediaid = request.view_args['service'], request.view_args['mediaid'] if service == 'youtube': if YouTubeAudio.query.get(mediaid) is not None: - return '5 per minute' + return '5/minute' else: - return '1 per 30 seconds' + return '1/30seconds' else: - return '10 per minute' + return '10/minute' -# Streams back the specified media back to the client +# Streams back the specified media back to the client @app.route('/stream//') -@limiter.limit(downloadLimiter) +@limiter.limit(downloadLimiter, error_message=Response('Rate limit hit', status=429, mimetype='text/plain')) def stream(service, mediaid): if service == 'youtube': audio = get_youtube(mediaid)