fix: prevent duplicate forum topics from rapid double-submit

- Backend: reject identical title+content from same author within 60s
  (mirrors existing protection on forum_reply)
- Frontend: disable submit button + 'Wysyłanie…' label on first click

Daniel Kochański accidentally created 7 identical 'Local content w praktyce'
topics within 5 seconds. Soft-deleted IDs 25-30 on prod, kept 24.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

blueprints/forum/routes.py

@@ -149,6 +149,16 @@ def forum_new_topic():
 
         db = SessionLocal()
         try:
+            # Duplicate submission protection: same author, same title+content, within 60 seconds
+            recent_duplicate = db.query(ForumTopic).filter(
+                ForumTopic.author_id == current_user.id,
+                ForumTopic.title == title,
+                ForumTopic.content == content,
+                ForumTopic.created_at >= datetime.now() - timedelta(seconds=60)
+            ).first()
+            if recent_duplicate:
+                return redirect(url_for('.forum_topic', topic_id=recent_duplicate.id))
+
             topic = ForumTopic(
                 title=title,
                 content=content,

templates/forum/new_topic.html

@@ -383,6 +383,14 @@
 
         if (!valid) {
             e.preventDefault();
+            return;
+        }
+
+        const submitBtn = this.querySelector('button[type="submit"]');
+        if (submitBtn) {
+            submitBtn.disabled = true;
+            submitBtn.dataset.originalText = submitBtn.textContent;
+            submitBtn.textContent = 'Wysyłanie…';
         }
     });