fix: restore flask-limiter as mandatory dependency

Rate limiting on login is a security requirement, not optional. Reverts the no-op fallback — if flask-limiter is missing, the app will fail fast with a clear import error rather than silently running without rate limiting. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-06-08 14:11:54 -07:00 · 2026-02-28 17:35:46 +00:00
parent cdf10e1d6a
commit 6cbe94cf20
2 changed files with 11 additions and 24 deletions
@@ -42,12 +42,8 @@ from utils.constants import (
    QUEUE_MAX_SIZE,
 )
 import logging
-try:
-    from flask_limiter import Limiter
-    from flask_limiter.util import get_remote_address
-    _has_limiter = True
-except ImportError:
-    _has_limiter = False
+from flask_limiter import Limiter
+from flask_limiter.util import get_remote_address
 # Track application start time for uptime calculation
 import time as _time
 _app_start_time = _time.time()
@@ -57,21 +53,12 @@ logger = logging.getLogger('intercept.database')
 app = Flask(__name__)
 app.secret_key = "signals_intelligence_secret" # Required for flash messages

-# Set up rate limiting (optional — flask-limiter may not be installed)
-if _has_limiter:
-    limiter = Limiter(
-        key_func=get_remote_address,
-        app=app,
-        storage_uri="memory://",
-    )
-else:
-    class _NoopLimiter:
-        """Fallback when flask-limiter is not installed."""
-        def limit(self, *args, **kwargs):
-            def decorator(f):
-                return f
-            return decorator
-    limiter = _NoopLimiter()
+# Set up rate limiting
+limiter = Limiter(
+    key_func=get_remote_address,
+    app=app,
+    storage_uri="memory://",
+)

 # Disable Werkzeug debugger PIN (not needed for local development tool)
 os.environ['WERKZEUG_DEBUG_PIN'] = 'off'
@@ -326,9 +326,9 @@ install_python_deps() {
    "Werkzeug>=3.1.5" "pyserial>=3.5" "flask-sock" "websocket-client>=1.6.0" 2>/dev/null || true

  # Verify critical packages
-  $PY -c "import flask; import requests" 2>/dev/null || {
-    fail "Critical Python packages (flask, requests) not installed"
-    echo "Try: venv/bin/pip install flask requests"
+  $PY -c "import flask; import requests; from flask_limiter import Limiter" 2>/dev/null || {
+    fail "Critical Python packages (flask, requests, flask-limiter) not installed"
+    echo "Try: venv/bin/pip install flask requests flask-limiter"
    exit 1
  }
  ok "Core Python packages installed"