From 572e6e86c4681f3b21fc57ced5a2cdf08848d317 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lera=20Elvo=C3=A9?= <yagich@poto.cafe>
Date: Thu, 28 May 2026 21:40:46 +0300
Subject: [PATCH] add 405 handler

---
 app/__init__.py | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/app/__init__.py b/app/__init__.py
index b7c6ded..9a9b912 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -149,6 +149,13 @@ def clear_stale_sessions():
         for sess in stale_sessions:
             sess.delete()
 
+def clear_api_limits():
+    from .db import db
+    from .models import APIRateLimits
+    with db.transaction():
+        limits = APIRateLimits.select()
+        for l in limits:
+            l.delete()
 
 cache = Cache()
 
@@ -223,6 +230,7 @@ def create_app():
         create_deleted_user()
 
         clear_stale_sessions()
+        clear_api_limits()
 
         reparse_babycode()
 
@@ -320,6 +328,15 @@ def create_app():
         else:
             return render_template('common/404.html'), e.code
 
+    @app.errorhandler(405)
+    def _handle_405(e):
+        if request.path.startswith('/hyperapi/'):
+            return '<h1>method not allowed</h1>', e.code
+        elif request.path.startswith('/api/'):
+            return {'error': 'method not allowed'}, e.code
+        else:
+            return render_template('common/404.html'), e.code
+
     @app.errorhandler(403)
     def _handle_403(e):
         if request.path.startswith('/hyperapi/'):