utils/security.py

from fastapi import HTTPException
import time
from config import MAX_IMAGE_SIZE_MB, RATE_LIMIT_PER_MINUTE

# ===== Rate Limiting (Simple Memory-Based) =====
user_requests = {}

def check_rate_limit(user: str):
    current_time = time.time()

    if user not in user_requests:
        user_requests[user] = []

    # Keep only last 60 seconds
    user_requests[user] = [
        t for t in user_requests[user]
        if current_time - t < 60
    ]

    if len(user_requests[user]) >= RATE_LIMIT_PER_MINUTE:
        raise HTTPException(status_code=429, detail="Too many requests")

    user_requests[user].append(current_time)


# ===== Image Size Validation =====
def validate_image_size(file_size_bytes: int):
    max_bytes = MAX_IMAGE_SIZE_MB * 1024 * 1024
    if file_size_bytes > max_bytes:
        raise HTTPException(status_code=400, detail="Image too large")