From 6a045ce88ec6067cdd60ef536a89d001aabc8eff Mon Sep 17 00:00:00 2001
From: "byte[]" <byteslice@airmail.cc>
Date: Mon, 14 Sep 2020 20:52:02 -0400
Subject: [PATCH] don't bump ratelimit after unsuccessful attempts

---
 lib/philomena_web/plugs/limit_plug.ex | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/lib/philomena_web/plugs/limit_plug.ex b/lib/philomena_web/plugs/limit_plug.ex
index f045a783..2e8ea0c8 100644
--- a/lib/philomena_web/plugs/limit_plug.ex
+++ b/lib/philomena_web/plugs/limit_plug.ex
@@ -31,12 +31,9 @@ defmodule PhilomenaWeb.LimitPlug do
     ]
 
     key = "rl-#{Enum.join(data, "")}"
+    amt = Redix.command!(:redix, ["GET", key]) || 0
 
-    [amt, _] =
-      Redix.pipeline!(:redix, [
-        ["INCR", key],
-        ["EXPIRE", key, time]
-      ])
+    conn = increment_after_post(conn, key, time)
 
     cond do
       amt <= limit ->
@@ -86,4 +83,18 @@ defmodule PhilomenaWeb.LimitPlug do
       _ -> false
     end
   end
+
+  defp increment_after_post(conn, key, time) do
+    Conn.register_before_send(conn, fn conn ->
+      # Phoenix status returns 200 for form validation errors
+      if conn.status != 200 do
+        Redix.pipeline!(:redix, [
+          ["INCR", key],
+          ["EXPIRE", key, time]
+        ])
+      end
+
+      conn
+    end)
+  end
 end