From 9ba20817205de7bf46489ab2a0d834f798031d20 Mon Sep 17 00:00:00 2001
From: multiple creatures <dev@multiple-creature.party>
Date: Sun, 4 Aug 2019 02:24:03 -0500
Subject: [PATCH] allow more media proxy requests when logged in

---
 config/initializers/rack_attack.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index 24ba16ae3..d1450b97d 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -65,8 +65,12 @@ class Rack::Attack
     req.authenticated_user_id if req.post? && req.path.start_with?('/api/v1/media')
   end
 
-  throttle('throttle_media_proxy', limit: 30, period: 30.minutes) do |req|
-    req.remote_ip if req.path.start_with?('/media_proxy')
+  throttle('throttle_authenticated_media_proxy', limit: 100, period: 5.minutes) do |req|
+    req.authenticated_user_id if req.path.start_with?('/media_proxy')
+  end
+
+  throttle('throttle_unauthenticated_media_proxy', limit: 30, period: 30.minutes) do |req|
+    req.remote_ip if req.unauthenticated? && req.path.start_with?('/media_proxy')
   end
 
   throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req|