Commit 3bd1a320 authored by Grady Moran's avatar Grady Moran
Browse files

Modified requirements.txt to add the django-ratelimit...

Modified requirements.txt to add the django-ratelimit (https://github.com/jsocol/django-ratelimit) version 1.0.1
Modified views.py to take a big chunk out of index function and put it in a post function. This allows the ratelimit decorations to work on that function.
parent b81565da
Pipeline #838 passed with stage
in 1 minute and 12 seconds
......@@ -12,6 +12,7 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.models import User
from django.contrib.auth.decorators import user_passes_test, login_required
from django.shortcuts import render, get_object_or_404, redirect
from ratelimit.decorators import ratelimit
# App Imports
from go.models import URL, RegisteredUser
......@@ -46,67 +47,73 @@ def index(request):
# If a POST request is received, then the user has submitted a form and it's
# time to parse the form and create a new URL object
if request.method == 'POST':
# Now we initialize the form again but this time we have the POST
# request
url_form = URLForm(request.POST, host = request.META.get('HTTP_HOST'))
return redirect('view', post(request).short)
# Django will check the form to make sure it's valid
if url_form.is_valid():
# Render index.html passing the form to the template
return render(request, 'core/index.html', {
'form': url_form,
},
)
# We don't commit the url object yet because we need to add its
# owner, and parse its date field.
url = url_form.save(commit = False)
url.owner = request.user.registereduser
#rate limits are completely arbitrary
@ratelimit(key='user', rate='3/m', method='POST', block=True)
@ratelimit(key='user', rate='25/d', method='POST', block=True)
def post(request):
# If the user entered a short url, it's already been validated,
# so accept it. If they did not, however, then generate a
# random one and use that instead.
short = url_form.cleaned_data.get('short').strip()
# Now we initialize the form again but this time we have the POST
# request
url_form = URLForm(request.POST, host = request.META.get('HTTP_HOST'))
# Check if a short URL was entered
if len(short) > 0:
url.short = short
else:
# If the user didn't enter a short url, generate a random
# one. However, if a random one can't be generated, return
# a 500 server error.
random_short = URL.generate_valid_short()
if random_short is None:
return HttpResponseServerError(
render(request, 'admin/500.html', {})
)
else:
url.short = random_short
# Grab the expiration field value. It's currently an unsable
# string value, so we need to parse it into a datetime object
# relative to right now.
expires = url_form.cleaned_data.get('expires')
# Determine what the expiration date is
if expires == URLForm.DAY:
url.expires = timezone.now() + timedelta(days = 1)
elif expires == URLForm.WEEK:
url.expires = timezone.now() + timedelta(weeks = 1)
elif expires == URLForm.MONTH:
url.expires = timezone.now() + timedelta(weeks = 3)
elif expires == URLForm.CUSTOM:
url.expires = url_form.cleaned_data.get('expires_custom')
else:
pass # leave the field NULL
# Django will check the form to make sure it's valid
if url_form.is_valid():
# Make sure that our new URL object is clean, then save it and
# let's redirect to view this baby.
url.full_clean()
url.save()
# We don't commit the url object yet because we need to add its
# owner, and parse its date field.
url = url_form.save(commit = False)
url.owner = request.user.registereduser
return redirect('view', url.short)
# If the user entered a short url, it's already been validated,
# so accept it. If they did not, however, then generate a
# random one and use that instead.
short = url_form.cleaned_data.get('short').strip()
# Render index.html passing the form to the template
return render(request, 'core/index.html', {
'form': url_form,
},
)
# Check if a short URL was entered
if len(short) > 0:
url.short = short
else:
# If the user didn't enter a short url, generate a random
# one. However, if a random one can't be generated, return
# a 500 server error.
random_short = URL.generate_valid_short()
if random_short is None:
return HttpResponseServerError(
render(request, 'admin/500.html', {})
)
else:
url.short = random_short
# Grab the expiration field value. It's currently an unsable
# string value, so we need to parse it into a datetime object
# relative to right now.
expires = url_form.cleaned_data.get('expires')
# Determine what the expiration date is
if expires == URLForm.DAY:
url.expires = timezone.now() + timedelta(days = 1)
elif expires == URLForm.WEEK:
url.expires = timezone.now() + timedelta(weeks = 1)
elif expires == URLForm.MONTH:
url.expires = timezone.now() + timedelta(weeks = 3)
elif expires == URLForm.CUSTOM:
url.expires = url_form.cleaned_data.get('expires_custom')
else:
pass # leave the field NULL
# Make sure that our new URL object is clean, then save it and
# let's redirect to view this baby.
url.full_clean()
url.save()
return url
"""
This view allows the user to view details about a URL. Note that they
......
Django==1.10
django-auth-ldap==1.2.8
django-crispy-forms==1.6.0
django-ratelimit==1.0.1
git+https://github.com/bruno207/django-qrcode.git
flake8==3.0.4
git+https://github.com/kstateome/django-cas.git
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment