From 11edfb9d4fa388631ca6e6c391f0fff98e1539d5 Mon Sep 17 00:00:00 2001 From: Egor fureunoir Gorbunov Date: Thu, 15 May 2025 17:23:51 +0300 Subject: [PATCH] Features: 1) Dynamic rate limiting based on DEBUG mode for authentication endpoints; Fixes: 1) Add missing import for DEBUG from settings; Extra: Updated rate limit for consistency across TokenObtain, TokenRefresh, and TokenVerify views. --- vibes_auth/views.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/vibes_auth/views.py b/vibes_auth/views.py index e853637a..e0bc579f 100644 --- a/vibes_auth/views.py +++ b/vibes_auth/views.py @@ -11,6 +11,7 @@ from rest_framework.response import Response from rest_framework_simplejwt.exceptions import TokenError from rest_framework_simplejwt.views import TokenViewBase +from evibes.settings import DEBUG from vibes_auth.docs.drf.views import TOKEN_OBTAIN_SCHEMA, TOKEN_REFRESH_SCHEMA, TOKEN_VERIFY_SCHEMA from vibes_auth.serializers import ( TokenObtainPairSerializer, @@ -26,7 +27,7 @@ class TokenObtainPairView(TokenViewBase): serializer_class = TokenObtainPairSerializer _serializer_class = TokenObtainPairSerializer - @method_decorator(ratelimit(key="ip", rate="5/h")) + @method_decorator(ratelimit(key="ip", rate="10/h" if not DEBUG else "888/h")) def post(self, request, *args, **kwargs): return super().post(request, *args, **kwargs) @@ -36,7 +37,7 @@ class TokenRefreshView(TokenViewBase): serializer_class = TokenRefreshSerializer _serializer_class = TokenRefreshSerializer - @method_decorator(ratelimit(key="ip", rate="5/h")) + @method_decorator(ratelimit(key="ip", rate="10/h" if not DEBUG else "888/h")) def post(self, request, *args, **kwargs): return super().post(request, *args, **kwargs) @@ -46,7 +47,7 @@ class TokenVerifyView(TokenViewBase): serializer_class = TokenVerifySerializer _serializer_class = TokenVerifySerializer - @method_decorator(ratelimit(key="ip", rate="5/h")) + @method_decorator(ratelimit(key="ip", rate="10/h" if not DEBUG else "888/h")) def post(self, request, *args, **kwargs): try: serializer = self.get_serializer(data=request.data)