Remove rate limiting from API calls (#72)

* Remove rate limiting from API calls * Remove rate limiting from tests
climatepolicyradar · Mar 24, 2023 · 13c6c61 · 13c6c61
1 parent 0814f29
commit 13c6c61
Show file tree

Hide file tree

Showing 7 changed files with 354 additions and 487 deletions.
diff --git a/app/api/api_v1/routers/admin.py b/app/api/api_v1/routers/admin.py
@@ -51,7 +51,6 @@
 )
 from app.core.ingestion.validator import validate_event_row
 from app.core.validate import physical_document_source_urls, document_source_urls
-from app.core.ratelimit import DEFAULT_LIMIT, limiter
 from app.core.validate import family_document_ids, document_ids
 from app.core.validation import IMPORT_ID_MATCHER
 from app.core.validation.types import (
@@ -246,7 +245,6 @@ async def user_delete(
 @r.post(
     "/password-reset/{user_id}", response_model=bool, response_model_exclude_none=True
 )
-@limiter.limit(DEFAULT_LIMIT)
 async def request_password_reset(
     request: Request,
     user_id: int,

diff --git a/app/api/api_v1/routers/unauthenticated.py b/app/api/api_v1/routers/unauthenticated.py
@@ -11,7 +11,6 @@
     send_password_changed_email,
     send_password_reset_email,
 )
-from app.core.ratelimit import DEFAULT_LIMIT, limiter
 from app.db.crud.password_reset import (
     create_password_reset_token,
     get_password_reset_token_by_token,
@@ -37,7 +36,6 @@
 
 
 @r.post("/registrations", response_model=bool, response_model_exclude_none=True)
-@limiter.limit(DEFAULT_LIMIT)
 async def user_create(
     request: Request,  # request unused, but required for rate limiting
     user: UserCreate,
@@ -90,7 +88,6 @@ async def user_create(
 
 
 @r.post("/activations", response_model=User, response_model_exclude_none=True)
-@limiter.limit(DEFAULT_LIMIT)
 async def set_password(
     request: Request,  # request unused, but required for rate limiting
     payload: ResetPassword,
@@ -119,7 +116,6 @@ async def set_password(
 @r.post(
     "/password-reset/{email}", response_model=bool, response_model_exclude_none=True
 )
-@limiter.limit(DEFAULT_LIMIT)
 async def request_password_reset(
     request: Request,  # request unused, but required for rate limiting
     email: str,

diff --git a/app/core/ratelimit.py b/app/core/ratelimit.py
diff --git a/app/main.py b/app/main.py
@@ -8,8 +8,6 @@
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi_health import health
 from fastapi_pagination import add_pagination
-from slowapi.errors import RateLimitExceeded
-from slowapi.extension import _rate_limit_exceeded_handler
 from starlette.requests import Request
 from alembic.command import upgrade
 from alembic.config import Config
@@ -24,7 +22,6 @@
 from app.core import config
 from app.core.auth import get_current_active_superuser
 from app.core.health import is_database_online
-from app.core.ratelimit import limiter
 from app.db.session import SessionLocal
 
 os.environ["SKIP_ALEMBIC_LOGGING"] = "1"
@@ -126,10 +123,6 @@ async def root():
 # add pagination support to all routes that ask for it
 add_pagination(app)
 
-# rate limiting
-app.state.limiter = limiter
-app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
-
 
 @app.on_event("startup")
 async def startup() -> None: