summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSanto Cariotti <dcariotti24@gmail.com>2020-03-24 16:53:53 +0100
committerSanto Cariotti <dcariotti24@gmail.com>2020-03-27 21:08:05 +0100
commitee1ef8caba7ad63a8538b47d221bac3c4ad9309a (patch)
treea85eaca23404c556e8a3d01a3b26ba8d6e0f6db4
parenta347c3cb31d1ca39dc89cecd427b700babddf0db (diff)
fix: authorization header instead of authentication
-rw-r--r--src/frest/auth/routes.py2
-rw-r--r--src/frest/decorators.py6
2 files changed, 4 insertions, 4 deletions
diff --git a/src/frest/auth/routes.py b/src/frest/auth/routes.py
index c4dcfc9..66bd8f5 100644
--- a/src/frest/auth/routes.py
+++ b/src/frest/auth/routes.py
@@ -17,7 +17,7 @@ def login():
data = request.json
- auth = request.headers.get("Authentication")
+ auth = request.headers.get("Authorization")
if auth:
t = Token.query.filter_by(string=auth).first()
if not t:
diff --git a/src/frest/decorators.py b/src/frest/decorators.py
index 181b62d..f00de2c 100644
--- a/src/frest/decorators.py
+++ b/src/frest/decorators.py
@@ -8,10 +8,10 @@ def check_token(f):
def inner(*args, **kwargs):
userid = request.url.split('/')[-1]
headers = request.headers
- if not headers.get("Authentication"):
+ if not headers.get("Authorization"):
abort(403)
- auth = request.headers.get("Authentication")
+ auth = request.headers.get("Authorization")
token = Token.query.filter_by(string=auth).first()
if not token:
abort(403)
@@ -30,7 +30,7 @@ def admin_required(f):
def inner(*args, **kwargs):
header = request.headers
- auth = request.headers.get("Authentication")
+ auth = request.headers.get("Authorization")
token = Token.query.filter_by(string=auth).first()
if not token.user.is_admin:
abort(403)