# HG changeset patch # User Brian Neal # Date 1322939618 0 # Node ID a5d11471d03163c8fdbcbced53eca206a739cbdf # Parent b5bd3509e6e6a502ae39181f2174708195e7f1d8 Refactor the logic in the rate limiter decorator. Check to see if the request was ajax, as the ajax view always returns 200. Have to decode the JSON response to see if an error occurred or not. diff -r b5bd3509e6e6 -r a5d11471d031 gpp/antispam/decorators.py --- a/gpp/antispam/decorators.py Sat Dec 03 16:25:15 2011 +0000 +++ b/gpp/antispam/decorators.py Sat Dec 03 19:13:38 2011 +0000 @@ -6,6 +6,7 @@ from functools import wraps from django.shortcuts import render +from django.utils import simplejson from antispam.rate_limit import RateLimiter, RateLimiterUnavailable @@ -31,15 +32,27 @@ response = fn(request, *args, **kwargs) if request.method == 'POST': - success = (response and response.has_header('location') and - response.status_code == 302) - try: - if not success and rate_limiter.incr(): + + # Figure out if the view succeeded; if it is a non-ajax view, + # then success means a redirect is about to occur. If it is + # an ajax view, we have to decode the json response. + success = False + if not request.is_ajax(): + success = (response and response.has_header('location') and + response.status_code == 302) + elif response: + json_resp = simplejson.loads(response.content) + success = json_resp['success'] + + if not success: + try: + blocked = rate_limiter.incr() + except RateLimiterUnavailable: + blocked = False + + if blocked: return render(request, 'antispam/blocked.html', status=403) - except RateLimiterUnavailable: - pass - return response return wrapped