From c91b44fa9724011d91c9ac7008c1570089447329 Mon Sep 17 00:00:00 2001 From: Son NK <> Date: Wed, 24 Jun 2020 10:32:22 +0200 Subject: [PATCH] set rate limit to 5/minute on new alias routes --- app/api/views/new_custom_alias.py | 5 ++++- app/api/views/new_random_alias.py | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/app/api/views/new_custom_alias.py b/app/api/views/new_custom_alias.py index 5f113c98..c80d6a4f 100644 --- a/app/api/views/new_custom_alias.py +++ b/app/api/views/new_custom_alias.py @@ -11,7 +11,7 @@ from app.api.serializer import ( ) from app.config import MAX_NB_EMAIL_FREE_PLAN from app.dashboard.views.custom_alias import verify_prefix_suffix, signer -from app.extensions import db +from app.extensions import db, limiter from app.log import LOG from app.models import ( Alias, @@ -27,6 +27,7 @@ from app.utils import convert_to_id @api_bp.route("/alias/custom/new", methods=["POST"]) +@limiter.limit("5/minute") @require_api_auth def new_custom_alias(): """ @@ -97,6 +98,7 @@ def new_custom_alias(): @api_bp.route("/v2/alias/custom/new", methods=["POST"]) +@limiter.limit("5/minute") @require_api_auth def new_custom_alias_v2(): """ @@ -191,6 +193,7 @@ def new_custom_alias_v2(): @api_bp.route("/v3/alias/custom/new", methods=["POST"]) +@limiter.limit("5/minute") @require_api_auth def new_custom_alias_v3(): """ diff --git a/app/api/views/new_random_alias.py b/app/api/views/new_random_alias.py index 446feba3..3ddf5a26 100644 --- a/app/api/views/new_random_alias.py +++ b/app/api/views/new_random_alias.py @@ -7,12 +7,13 @@ from app.api.serializer import ( serialize_alias_info_v2, ) from app.config import MAX_NB_EMAIL_FREE_PLAN -from app.extensions import db +from app.extensions import db, limiter from app.log import LOG from app.models import Alias, AliasUsedOn, AliasGeneratorEnum @api_bp.route("/alias/random/new", methods=["POST"]) +@limiter.limit("5/minute") @require_api_auth def new_random_alias(): """