diff options
author | Santo Cariotti <dcariotti24@gmail.com> | 2020-03-24 16:53:53 +0100 |
---|---|---|
committer | Santo Cariotti <dcariotti24@gmail.com> | 2020-03-27 21:08:05 +0100 |
commit | ee1ef8caba7ad63a8538b47d221bac3c4ad9309a (patch) | |
tree | a85eaca23404c556e8a3d01a3b26ba8d6e0f6db4 | |
parent | a347c3cb31d1ca39dc89cecd427b700babddf0db (diff) |
fix: authorization header instead of authentication
-rw-r--r-- | src/frest/auth/routes.py | 2 | ||||
-rw-r--r-- | src/frest/decorators.py | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/frest/auth/routes.py b/src/frest/auth/routes.py index c4dcfc9..66bd8f5 100644 --- a/src/frest/auth/routes.py +++ b/src/frest/auth/routes.py @@ -17,7 +17,7 @@ def login(): data = request.json - auth = request.headers.get("Authentication") + auth = request.headers.get("Authorization") if auth: t = Token.query.filter_by(string=auth).first() if not t: diff --git a/src/frest/decorators.py b/src/frest/decorators.py index 181b62d..f00de2c 100644 --- a/src/frest/decorators.py +++ b/src/frest/decorators.py @@ -8,10 +8,10 @@ def check_token(f): def inner(*args, **kwargs): userid = request.url.split('/')[-1] headers = request.headers - if not headers.get("Authentication"): + if not headers.get("Authorization"): abort(403) - auth = request.headers.get("Authentication") + auth = request.headers.get("Authorization") token = Token.query.filter_by(string=auth).first() if not token: abort(403) @@ -30,7 +30,7 @@ def admin_required(f): def inner(*args, **kwargs): header = request.headers - auth = request.headers.get("Authentication") + auth = request.headers.get("Authorization") token = Token.query.filter_by(string=auth).first() if not token.user.is_admin: abort(403) |