Merge pull request #47 from PythonFloripa/feature/#34

Feature/#34

Author: dan5e3s6ares

app/main.py

@@ -2,9 +2,11 @@
 from contextlib import asynccontextmanager
 
 from fastapi import FastAPI
+from slowapi import _rate_limit_exceeded_handler
 
 from app.routers.router import setup_router as setup_router_v2
 from app.services.database.database import AsyncSessionLocal, init_db
+from app.services.limiter import limiter
 
 logger = logging.getLogger(__name__)
 
@@ -27,6 +29,9 @@ async def lifespan(app: FastAPI):
 )
 
 
+app.state.limiter = limiter
+app.add_exception_handler(429, _rate_limit_exceeded_handler)
+
 app.include_router(setup_router_v2(), prefix="/api")
 
 logger.info("PyNews Server Starter")

app/routers/authentication.py

@@ -10,6 +10,7 @@
 from app.services import auth
 from app.services.database.models import Community as DBCommunity
 from app.services.database.orm.community import get_community_by_username
+from app.services.limiter import limiter
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/authentication/token")
 
@@ -89,6 +90,7 @@ async def create_community(request: Request):
     # Teste
 
     @router.post("/token", response_model=Token)
+    @limiter.limit("60/minute")
     async def login_for_access_token(
         request: Request, form_data: OAuth2PasswordRequestForm = Depends()
     ):
@@ -110,7 +112,9 @@ async def login_for_access_token(
         }
 
     @router.get("/me", response_model=Community)
+    @limiter.limit("60/minute")
     async def read_community_me(
+        request: Request,
         current_community: Annotated[
             DBCommunity, Depends(get_current_active_community)
         ],

app/services/limiter.py

@@ -0,0 +1,4 @@
+from slowapi import Limiter
+from slowapi.util import get_remote_address
+
+limiter = Limiter(key_func=get_remote_address)

poetry.lock

@@ -20,6 +20,7 @@ pre-commit = "^4.2.0"
 python-multipart = "^0.0.20"
 pyjwt = "^2.10.1"
 bcrypt = "^4.3.0"
+slowapi = "^0.1.9"
 
 [tool.poetry.group.dev.dependencies]
 pytest = "^8.3.2"