From 6a42907060a89502283ff0f5d8b60a2289cad2da Mon Sep 17 00:00:00 2001 From: Egor fureunoir Gorbunov Date: Wed, 1 Oct 2025 18:19:54 +0300 Subject: [PATCH] Features: 1) Update rate limit logic to dynamically adjust based on `settings.DEBUG` instead of hardcoded `DEBUG`; Fixes: 1) Remove unused import of `DEBUG` from settings; Extra: n/a; --- core/views.py | 2 +- core/viewsets.py | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/core/views.py b/core/views.py index 3b6bec4c..5083f47c 100644 --- a/core/views.py +++ b/core/views.py @@ -428,7 +428,7 @@ class BuyAsBusinessView(APIView): Handles the "POST" request to process a business purchase. """ - @method_decorator(ratelimit(key="ip", rate="10/h", block=True)) + @method_decorator(ratelimit(key="ip", rate="10/h" if not settings.DEBUG else "888/h")) def post(self, request, *_args, **kwargs): serializer = BuyAsBusinessOrderSerializer(data=request.data) serializer.is_valid(raise_exception=True) diff --git a/core/viewsets.py b/core/viewsets.py index 9b99fe07..29169409 100644 --- a/core/viewsets.py +++ b/core/viewsets.py @@ -117,7 +117,6 @@ from core.utils.seo_builders import ( product_schema, website_schema, ) -from evibes.settings import DEBUG from payments.serializers import TransactionProcessSerializer logger = logging.getLogger("django") @@ -840,7 +839,7 @@ class OrderViewSet(EvibesViewSet): return Response(status=status.HTTP_404_NOT_FOUND, data={"detail": _(f"{name} does not exist: {uuid}")}) @action(detail=False, methods=["post"], url_path="buy_unregistered") - @method_decorator(ratelimit(key="ip", rate="5/h" if not DEBUG else "888/h")) + @method_decorator(ratelimit(key="ip", rate="10/h" if not settings.DEBUG else "888/h")) def buy_unregistered(self, request): serializer = BuyUnregisteredOrderSerializer(data=request.data) serializer.is_valid(raise_exception=True)