From 965fb9e0c9abd8b2a855247c630fdc9d2c666b6d Mon Sep 17 00:00:00 2001
From: jeromechoo
Date: Fri, 27 Oct 2023 17:29:59 -0500
Subject: [PATCH] Basic rate limiting
---
 app.py | 10 ++++++++++
 requirements.txt | 5 +++--
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/app.py b/app.py
index 1e2dcbc..ddd95b0 100644
--- a/app.py
+++ b/app.py
@@ -3,17 +3,27 @@
 from dotenv import load_dotenv
 from feedgen.feed import FeedGenerator
 from flask import Flask, request, make_response, render_template
+from flask_limiter import Limiter
+from flask_limiter.util import get_remote_address
 app = Flask(__name__)
 load_dotenv()
 DIFFBOT_TOKEN = os.getenv("DIFFBOT_TOKEN", None)
+# Really basic rate limiting to avoid taking down the app by bad actors
+limiter = Limiter(
+ get_remote_address,
+ app=app,
+ storage_uri='memory://'
+ )
+
 @app.route('/')
 def index():
 return render_template('home.html')
 @app.route('/rss')
+@limiter.limit("1/second", error_message='Rate limit exceeded')
 def rss():
 # 1. Extract list from URL
diff --git a/requirements.txt b/requirements.txt
index 20f165a..a4fef9e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,6 @@
 feedgen
 Flask
-requests
+Flask-Limiter
+gunicorn
 python-dotenv
-gunicorn
\ No newline at end of file
+requests
\ No newline at end of file
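Review bot: The limiter keys on `get_remote_address`, which reads `request.remote_addr`, so if this app runs under gunicorn behind a reverse proxy or platform load balancer (not visible here), every client shares the proxy's address and the `1/second` limit on `/rss` becomes one global bucket that a single caller can use up for everyone. If that is the deployment, wrap the app once with the trusted hop count, e.g. `app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1)` from `werkzeug.middleware.proxy_fix`, rather than reading `X-Forwarded-For` directly, which the client controls. Separately, `storage_uri='memory://'` keeps counters per process, so with more than one gunicorn worker the effective limit is multiplied by the worker count and is lost on restart; a comment such as `# NOTE: in-memory counters are per worker; use a shared backend if workers > 1` would make that explicit. The body of `rss()` continues outside the hunk.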
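Review bot: `Flask-Limiter` is added without a version constraint, while app.py passes the key function as the first positional argument to `Limiter(...)`, which as far as I know is the constructor order introduced in Flask-Limiter 3.0; an older release resolved from a cache or mirror would likely fail at startup. A lower bound such as `Flask-Limiter>=3.0` would tie the requirement to the API the code uses. Pinning the other entries in this file as well would make builds reproducible and keep an unreviewed upstream release from being pulled in on the next deploy.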