Лимит запросов по IP, мелкие правки
This commit is contained in:
+29
-2
@@ -1,4 +1,4 @@
|
||||
from fastapi import Depends, FastAPI, HTTPException, Query, Body
|
||||
from fastapi import Depends, FastAPI, HTTPException, Query, Body, Request
|
||||
from contextlib import asynccontextmanager
|
||||
import asyncio
|
||||
from statistics import median
|
||||
@@ -6,7 +6,7 @@ from statistics import median
|
||||
from db import *
|
||||
from call2api import check_user_token, user_in_db, transfer_coins, get_stats, create_invoice, delete_invoice, \
|
||||
get_invoice
|
||||
from func import log
|
||||
from func import *
|
||||
|
||||
|
||||
#------------------------------------------------------------
|
||||
@@ -40,10 +40,13 @@ async def token_check(username, user_token):
|
||||
# OUT: 'OK' / 'Invalid token' (401) / 'Token already exist' (409) / General error (500)
|
||||
@app.post('/api/register_user_token/')
|
||||
async def register_user_token_api(
|
||||
request: Request,
|
||||
token: str = Body(),
|
||||
user_token: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if token != SYSTEM_API_TOKEN:
|
||||
raise HTTPException(status_code=401, detail='Invalid token')
|
||||
user_token_db = await user_token_in_db_func(session, user_token)
|
||||
@@ -64,10 +67,13 @@ async def register_user_token_api(
|
||||
# OUT: 'OK' / 'Invalid token' (401) / 'Token not exist' (404) / General error (500)
|
||||
@app.post('/api/unregister_user_token/')
|
||||
async def unregister_user_token_api(
|
||||
request: Request,
|
||||
token: str = Body(),
|
||||
user_token: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if token != SYSTEM_API_TOKEN:
|
||||
raise HTTPException(status_code=401, detail='Invalid token')
|
||||
user_token_db = await user_token_in_db_func(session, user_token)
|
||||
@@ -85,10 +91,13 @@ async def unregister_user_token_api(
|
||||
# OUT: {'issue_date': str, 'logs': str} / 'Invalid username or token' (401) / 'Token not exist' (404) / General error (500)
|
||||
@app.post('/api/get_user_token_info/')
|
||||
async def get_user_token_info_api(
|
||||
request: Request,
|
||||
username: str | None = Body(None),
|
||||
user_token: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
user_token_db = await user_token_in_db_func(session, user_token)
|
||||
@@ -116,10 +125,13 @@ async def get_user_token_info_api(
|
||||
# } / 'Invalid username or token' (401) / 'User not found' (404) / General error (500)
|
||||
@app.post('/api/user_in_db/')
|
||||
async def user_in_db_api(
|
||||
request: Request,
|
||||
username: str | None = Body(None),
|
||||
user_token: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
await log(session, user_token, f'/user_in_db')
|
||||
@@ -131,12 +143,15 @@ async def user_in_db_api(
|
||||
# / General error (500)
|
||||
@app.post('/api/transfer_coins/')
|
||||
async def transfer_coins_api(
|
||||
request: Request,
|
||||
username: str = Body(),
|
||||
user_token: str = Body(),
|
||||
dst_username: str = Body(),
|
||||
amount: float = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
await log(session, user_token, f'/transfer_coins: (dst_username: {dst_username}, amount: {amount})')
|
||||
@@ -156,10 +171,13 @@ async def transfer_coins_api(
|
||||
# } / 'Invalid username or token' (401) / General error (500)
|
||||
@app.post('/api/get_stats/')
|
||||
async def get_stats_api(
|
||||
request: Request,
|
||||
username: str = Body(),
|
||||
user_token: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
await log(session, user_token, f'/get_stats')
|
||||
@@ -170,11 +188,14 @@ async def get_stats_api(
|
||||
# / General error (500)
|
||||
@app.post('/api/create_invoice/')
|
||||
async def create_invoice_api(
|
||||
request: Request,
|
||||
username: str = Body(),
|
||||
user_token: str = Body(),
|
||||
amount: float | None = Body(None),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
await log(session, user_token, f'/create_invoice: (amount: {amount})')
|
||||
@@ -184,11 +205,14 @@ async def create_invoice_api(
|
||||
# OUT: 'OK' / 'Invalid username or token' (401) / 'Invoice id not found' (404) / General error (500)
|
||||
@app.post('/api/delete_invoice/')
|
||||
async def delete_invoice_api(
|
||||
request: Request,
|
||||
username: str = Body(),
|
||||
user_token: str = Body(),
|
||||
invoice_id: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
await log(session, user_token, f'/delete_invoice: (id: {invoice_id})')
|
||||
@@ -203,11 +227,14 @@ async def delete_invoice_api(
|
||||
# } / 'Invalid username or token' (401) / 'Invoice id not found' (404) / General error (500)
|
||||
@app.post('/api/get_invoice/')
|
||||
async def get_invoice_api(
|
||||
request: Request,
|
||||
username: str = Body(),
|
||||
user_token: str = Body(),
|
||||
invoice_id: str = Body(),
|
||||
session: AsyncSession = Depends(get_session)
|
||||
):
|
||||
if await is_rate_limited(request.client.host):
|
||||
raise HTTPException(status_code=429, detail='Too many requests')
|
||||
if not await token_check(username, user_token):
|
||||
raise HTTPException(status_code=401, detail='Invalid username or token')
|
||||
await log(session, user_token, f'/get_invoice: (id: {invoice_id})')
|
||||
|
||||
Reference in New Issue
Block a user