Add rate-limiting

client.py

@@ -60,7 +60,7 @@ class Client():
         # Connect to Discord
         self.connect()
         # Discord-related variables
-        self.currentGame = None
+        self.currentGame = {'@id': None}
 
     # Get from API
     def APIget(self, route:str, content:dict = {}):
@@ -76,12 +76,20 @@ class Client():
         self.rpc.connect()
 
     def signUp(self):
-        r = self.APIpost('user/c/%s' % self.friendCode).json()
+        r = self.APIpost('user/c/%s' % self.friendCode)
+        try:
+            r = r.json()
+        except:
+            raise APIException(r.content)
         if r['Exception']:
             raise APIException(r['Exception'])
 
     def fetch(self):
-        r = self.APIget('user/%s' % self.friendCode).json()
+        r = self.APIget('user/%s' % self.friendCode)
+        try:
+            r = r.json()
+        except:
+            raise APIException(r.content)
         if r['Exception']:
             raise APIException(r['Exception'])
         return r
@@ -109,9 +117,12 @@ class Client():
             if not game:
                 raise GameMatchError('unknown game: %s' % uid)
 
+            print('Update', end = '')
             if self.currentGame != game:
+                print(' [%s -> %s]' % (self.currentGame['@id'], game['@id']), end = '')
                 self.currentGame = game
                 self.start = int(time.time())
+            print()
             self.rpc.update(
                 details = game['name'],
                 large_image = game['icon_url'].replace('https://kanzashi-ctr.cdn.nintendo.net/i/', host + '/cdn/i/'),
@@ -122,7 +133,8 @@ class Client():
                 # But that's dumb so no
             )
         else:
-            self.currentGame = None
+            print('Clear [%s -> %s]' % (self.currentGame['@id'], None))
+            self.currentGame = {'@id': None}
             self.rpc.clear()
         time.sleep(30)
 

requirements.txt

@@ -4,3 +4,4 @@ nintendoclients>0.0.3
 xmltodict
 requests
 pypresence
+flask-limiter

server.py

@@ -1,8 +1,15 @@
 from flask import Flask, make_response
+from flask_limiter import Limiter
+from flask_limiter.util import get_remote_address
 import sqlite3, requests
 from api import *
 
 app = Flask(__name__)
+limiter = Limiter(app, key_func = get_remote_address)
+
+@app.errorhandler(429)
+def ratelimit_handler(e):
+    return 'You have exceeded your rate-limit'
 
 def accessDB():
     con = sqlite3.connect('sqlite/fcLibrary.db')
@@ -11,6 +18,7 @@ def accessDB():
 
 # Grab presence from friendCode
 @app.route('/user/<int:friendCode>/', methods=['GET'])
+@limiter.limit('3/minute')
 def userPresence(friendCode:int):
     con, cursor = accessDB()
     try:
@@ -44,6 +52,7 @@ def userPresence(friendCode:int):
 
 # Create entry in database with friendCode
 @app.route('/user/c/<int:friendCode>/', methods=['POST'])
+@limiter.limit('3/minute')
 def createUser(friendCode:int):
     con, cursor = accessDB()
     try:
@@ -65,6 +74,7 @@ def createUser(friendCode:int):
 
 # Make Nintendo's cert a 'secure' cert
 @app.route('/cdn/i/<string:file>/', methods=['GET'])
+@limiter.limit('1/minute')
 def cdnImage(file:str):
     response = make_response(requests.get('https://kanzashi-ctr.cdn.nintendo.net/i/%s' % file, verify = False).content)
     response.headers['Content-Type'] = 'image/jpeg'