From a2ff6bd76384ea380ecf7a899eca9e7d076690f5 Mon Sep 17 00:00:00 2001
From: CaffeineFueled <hello@uphillsecurity.com>
Date: Mon, 25 May 2026 13:06:05 +0200
Subject: [PATCH] sec: ADD rate-limit to endpoint and get-requests #21

---
 main.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/main.py b/main.py
index 6174696..da3dd58 100644
--- a/main.py
+++ b/main.py
@@ -303,6 +303,7 @@ async def upload_text(request: Request, authorized: bool = Depends(validate_uplo
         raise HTTPException(status_code=500, detail="Failed to save file")
 
 @app.get("/{paste_id}", response_class=PlainTextResponse)
+@limiter.limit(RATE_LIMIT)
 async def get_file(paste_id: str, request: Request, token: Optional[str] = None):
     """Get paste content or delete if token is provided"""
     if not paste_id.isalnum():
@@ -326,6 +327,7 @@ async def get_file(paste_id: str, request: Request, token: Optional[str] = None)
 
 
 @app.post("/{paste_id}", response_class=PlainTextResponse)
+@limiter.limit(RATE_LIMIT)
 async def delete_paste_endpoint(paste_id: str, request: Request, token: Optional[str] = None):
     """Delete a paste using its deletion token"""
     client_ip = get_real_ip(request)