|
42 | 42 | from .routes.subagent import SubAgentRoute |
43 | 43 | from .routes.t2i import T2iRoute |
44 | 44 |
|
45 | | -_RATE_LIMITED_ENDPOINTS: frozenset = frozenset( |
46 | | - { |
47 | | - "/api/auth/totp/disable", |
48 | | - "/api/auth/totp/setup", |
49 | | - "/api/auth/login", |
50 | | - "/api/auth/totp/verify-setup", |
51 | | - } |
52 | | -) |
| 45 | +_RATE_LIMITED_ENDPOINTS: frozenset = frozenset({ |
| 46 | + "/api/auth/totp/disable", |
| 47 | + "/api/auth/totp/setup", |
| 48 | + "/api/auth/login", |
| 49 | + "/api/auth/totp/verify-setup", |
| 50 | +}) |
53 | 51 |
|
54 | 52 |
|
55 | 53 | class _AuthRateLimiter: |
@@ -98,15 +96,13 @@ def _match_registered_web_api(registered_web_apis, subpath: str, method: str): |
98 | 96 | if request_method not in allowed_methods: |
99 | 97 | continue |
100 | 98 |
|
101 | | - url_map = Map( |
102 | | - [ |
103 | | - Rule( |
104 | | - _normalize_plugin_api_route(route), |
105 | | - endpoint="plugin_api", |
106 | | - methods=allowed_methods, |
107 | | - ), |
108 | | - ] |
109 | | - ) |
| 99 | + url_map = Map([ |
| 100 | + Rule( |
| 101 | + _normalize_plugin_api_route(route), |
| 102 | + endpoint="plugin_api", |
| 103 | + methods=allowed_methods, |
| 104 | + ), |
| 105 | + ]) |
110 | 106 | try: |
111 | 107 | _, path_values = url_map.bind("").match( |
112 | 108 | request_path, |
@@ -279,7 +275,10 @@ async def auth_middleware(self): |
279 | 275 | await self.db.touch_api_key(api_key.key_id) |
280 | 276 | return None |
281 | 277 |
|
282 | | - if os.environ.get("ASTRBOT_TEST_MODE") != "true" and request.path in _RATE_LIMITED_ENDPOINTS: |
| 278 | + if ( |
| 279 | + os.environ.get("ASTRBOT_TEST_MODE") != "true" |
| 280 | + and request.path in _RATE_LIMITED_ENDPOINTS |
| 281 | + ): |
283 | 282 | limiter = _rate_limiters.get(request.path) |
284 | 283 | if limiter is None: |
285 | 284 | limiter = _AuthRateLimiter(capacity=3, refill_rate=1.0) |
|
0 commit comments