add: api for rate control

api/resource.py

@@ -1,6 +1,6 @@
 #api/resource.py
+import api
 from flask import Blueprint, jsonify, request
-
 from contexts.RequestContext import RequestContext
 from db import get_db
 from db.models.Resource import Resource
@@ -9,7 +9,7 @@ import logging
 resource_bp = Blueprint('resource', __name__, url_prefix='/api/resource')
 logger = logging.getLogger(__name__)
 @resource_bp.route('/<identifier>', methods=['GET'])
-@limiter.limit('10 per second')
+@limiter.limit(api.get_rate_limit)
 def get_resource(identifier):
     with get_db() as session:
         resource = session.query(Resource).get(identifier)
@@ -21,7 +21,7 @@ def get_resource(identifier):
 
 @resource_bp.route('/', methods=['POST'])
 @require_auth(roles=["admin", "creator"])
-@limiter.limit('20 per minute')
+@limiter.limit(api.get_rate_limit)
 def create_resource():
     data = request.get_json()
     identifier = data.get('id')
@@ -43,7 +43,7 @@ def create_resource():
 
 @resource_bp.route('/<identifier>', methods=['DELETE'])
 @require_auth(roles=["admin"])
-@limiter.limit('20 per minute')
+@limiter.limit(api.get_rate_limit)
 def delete_resource(identifier):
     with get_db() as session:
         resource = session.query(Resource).get(identifier)
@@ -53,4 +53,5 @@ def delete_resource(identifier):
             return jsonify({"error": f"Resource not found - {errno}"}), 404
         session.delete(resource)
         session.commit()
-        return jsonify({"message": "Resource deleted"}), 200
+        return jsonify({"message": "Resource deleted"}), 200
+