меня заебали что на сайте тычут випку два раза

src/main/java/app/annotations/exceptions/WaitRateLimit.java

@@ -0,0 +1,4 @@
+package app.annotations.exceptions;
+
+public class WaitRateLimit extends RuntimeException {
+}

src/main/java/app/annotations/impl/WaitAfterNextAspect.java

@@ -0,0 +1,50 @@
+package app.annotations.impl;
+
+import app.annotations.exceptions.NeedCookie;
+import app.annotations.exceptions.WaitRateLimit;
+import jakarta.servlet.http.HttpServletRequest;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.After;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.HashSet;
+
+@Aspect
+@Configuration
+public class WaitAfterNextAspect {
+    HashSet<String> wait_steam64 = new HashSet<>();
+
+    @Before("@annotation(app.annotations.interfaces.WaitAfterNext) && args(request,..)")
+    public void before(HttpServletRequest request) {
+        String steam64 = getSteam64fromCookie(request);
+
+        if (steam64.isEmpty()) return;
+        if (wait_steam64.contains(steam64)) throw new WaitRateLimit();
+        wait_steam64.add(steam64);
+    }
+
+    @After("@annotation(app.annotations.interfaces.WaitAfterNext) && args(request,..)")
+    public void after(HttpServletRequest request) {
+        String steam64 = getSteam64fromCookie(request);
+        if (steam64.isEmpty()) return;
+        if (wait_steam64.contains(steam64)) wait_steam64.remove(steam64);
+    }
+
+    public String getSteam64fromCookie(HttpServletRequest request) {
+        if(request.getHeader("Cookie") == null) {
+            return "";
+        }
+
+        String[] rawCookieParams = request.getHeader("Cookie").split(";");
+        String steam64 = "";
+        for(String rawCookie: rawCookieParams) {
+            if(rawCookie.contains("steam64=")) {
+                steam64 = rawCookie.split("=")[1];
+                continue;
+            }
+        }
+        return steam64;
+    }
+}

src/main/java/app/annotations/interfaces/WaitAfterNext.java

@@ -0,0 +1,11 @@
+package app.annotations.interfaces;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface WaitAfterNext {
+}

src/main/java/app/controllers/user/ProfileController.java

@@ -3,6 +3,7 @@ package app.controllers.user;
 import app.annotations.enums.AuthMethod;
 import app.annotations.interfaces.BurstUpdatePlayers;
 import app.annotations.interfaces.CheckWebAccess;
+import app.annotations.interfaces.WaitAfterNext;
 import app.entities.SocialAuth;
 import app.services.ProfileService;
 import app.services.ReportService;
@@ -52,6 +53,7 @@ public class ProfileController {
 
     @PostMapping("/freevip")
     @CheckWebAccess
+    @WaitAfterNext
     public ResponseEntity GetFreeVIP(HttpServletRequest request,
                                      @CookieValue(value = "steam64", defaultValue = "") String steam64,
                                      @RequestBody(required = false) SocialAuth socialAuth,
@@ -66,6 +68,7 @@ public class ProfileController {
     @PostMapping("/report")
     @CheckWebAccess
     @BurstUpdatePlayers
+    @WaitAfterNext
     public ResponseEntity<Long> ReportUser(HttpServletRequest request,
                                               @CookieValue(value = "steam64", defaultValue = "") String steam64,
                                               @RequestParam(value = "steam64", defaultValue = "") String reported_steam64,

src/main/java/app/exceptions/handler/GlobalExceptionAdvice.java

@@ -39,4 +39,9 @@ public class GlobalExceptionAdvice {
     public ResponseEntity handFailedAuthCheck() {
         return new ResponseEntity(HttpStatus.UNAUTHORIZED);
     }
+
+    @ExceptionHandler(WaitRateLimit.class)
+    public ResponseEntity handWaitRateLimit(){
+        return new ResponseEntity<>("wait current before call this", HttpStatus.FORBIDDEN);
+    }
 }