fix: restore flask-limiter as mandatory dependency

Rate limiting on login is a security requirement, not optional.
Reverts the no-op fallback — if flask-limiter is missing, the app
will fail fast with a clear import error rather than silently
running without rate limiting.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Smittix
2026-02-28 17:35:46 +00:00
parent 34ef7602c1
commit c979503d1d
2 changed files with 11 additions and 24 deletions
+8 -21
View File
@@ -42,12 +42,8 @@ from utils.constants import (
QUEUE_MAX_SIZE,
)
import logging
try:
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
_has_limiter = True
except ImportError:
_has_limiter = False
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
# Track application start time for uptime calculation
import time as _time
_app_start_time = _time.time()
@@ -57,21 +53,12 @@ logger = logging.getLogger('intercept.database')
app = Flask(__name__)
app.secret_key = "signals_intelligence_secret" # Required for flash messages
# Set up rate limiting (optional — flask-limiter may not be installed)
if _has_limiter:
limiter = Limiter(
key_func=get_remote_address,
app=app,
storage_uri="memory://",
)
else:
class _NoopLimiter:
"""Fallback when flask-limiter is not installed."""
def limit(self, *args, **kwargs):
def decorator(f):
return f
return decorator
limiter = _NoopLimiter()
# Set up rate limiting
limiter = Limiter(
key_func=get_remote_address,
app=app,
storage_uri="memory://",
)
# Disable Werkzeug debugger PIN (not needed for local development tool)
os.environ['WERKZEUG_DEBUG_PIN'] = 'off'