Features: 1) Dynamic rate limiting based on DEBUG mode for authentication endpoints;

Fixes: 1) Add missing import for DEBUG from settings;

Extra: Updated rate limit for consistency across TokenObtain, TokenRefresh, and TokenVerify views.
Egor Pavlovich Gorbunov 2025-05-15 17:23:51 +03:00
parent 9ebc9c73e0
commit 11edfb9d4f


@ -11,6 +11,7 @@ from rest_framework.response import Response
from rest_framework_simplejwt.exceptions import TokenError from rest_framework_simplejwt.exceptions import TokenError
from rest_framework_simplejwt.views import TokenViewBase from rest_framework_simplejwt.views import TokenViewBase
from evibes.settings import DEBUG
from vibes_auth.docs.drf.views import TOKEN_OBTAIN_SCHEMA, TOKEN_REFRESH_SCHEMA, TOKEN_VERIFY_SCHEMA from vibes_auth.docs.drf.views import TOKEN_OBTAIN_SCHEMA, TOKEN_REFRESH_SCHEMA, TOKEN_VERIFY_SCHEMA
from vibes_auth.serializers import ( from vibes_auth.serializers import (
TokenObtainPairSerializer, TokenObtainPairSerializer,
@ -26,7 +27,7 @@ class TokenObtainPairView(TokenViewBase):
serializer_class = TokenObtainPairSerializer serializer_class = TokenObtainPairSerializer
_serializer_class = TokenObtainPairSerializer _serializer_class = TokenObtainPairSerializer
@method_decorator(ratelimit(key="ip", rate="5/h")) @method_decorator(ratelimit(key="ip", rate="10/h" if not DEBUG else "888/h"))
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
return super().post(request, *args, **kwargs) return super().post(request, *args, **kwargs)
@ -36,7 +37,7 @@ class TokenRefreshView(TokenViewBase):
serializer_class = TokenRefreshSerializer serializer_class = TokenRefreshSerializer
_serializer_class = TokenRefreshSerializer _serializer_class = TokenRefreshSerializer
@method_decorator(ratelimit(key="ip", rate="5/h")) @method_decorator(ratelimit(key="ip", rate="10/h" if not DEBUG else "888/h"))
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
return super().post(request, *args, **kwargs) return super().post(request, *args, **kwargs)
@ -46,7 +47,7 @@ class TokenVerifyView(TokenViewBase):
serializer_class = TokenVerifySerializer serializer_class = TokenVerifySerializer
_serializer_class = TokenVerifySerializer _serializer_class = TokenVerifySerializer
@method_decorator(ratelimit(key="ip", rate="5/h")) @method_decorator(ratelimit(key="ip", rate="10/h" if not DEBUG else "888/h"))
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
try: try:
serializer = self.get_serializer(data=request.data) serializer = self.get_serializer(data=request.data)
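Review bot: The throttle on all three `post` methods now depends on `DEBUG`, so a deployment that ships with `DEBUG` left on allows 888 requests per hour per IP on the token-obtain endpoint instead of 10. The expression sits in the decorator arguments, so it is evaluated once at import. `DEBUG` is also imported from `evibes.settings` directly rather than read through `django.conf.settings`, so if the project selects settings via `DJANGO_SETTINGS_MODULE` or tests use `override_settings`, it may not be the value Django is running with. I would decouple the limit from `DEBUG` with a dedicated setting read once, e.g. `AUTH_RATE = getattr(settings, "AUTH_RATELIMIT", "10/h")` (setting name is illustrative) and `ratelimit(key="ip", rate=AUTH_RATE)` on each view, which also removes the triplicated literal. The body of `TokenVerifyView.post` continues past the end of the hunk.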