From ee1ef8caba7ad63a8538b47d221bac3c4ad9309a Mon Sep 17 00:00:00 2001
From: Santo Cariotti <dcariotti24@gmail.com>
Date: Tue, 24 Mar 2020 16:53:53 +0100
Subject: fix: authorization header instead of authentication

---
 src/frest/auth/routes.py | 2 +-
 src/frest/decorators.py  | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/frest/auth/routes.py b/src/frest/auth/routes.py
index c4dcfc9..66bd8f5 100644
--- a/src/frest/auth/routes.py
+++ b/src/frest/auth/routes.py
@@ -17,7 +17,7 @@ def login():
 
     data = request.json
 
-    auth = request.headers.get("Authentication")
+    auth = request.headers.get("Authorization")
     if auth:
         t = Token.query.filter_by(string=auth).first()
         if not t:
diff --git a/src/frest/decorators.py b/src/frest/decorators.py
index 181b62d..f00de2c 100644
--- a/src/frest/decorators.py
+++ b/src/frest/decorators.py
@@ -8,10 +8,10 @@ def check_token(f):
     def inner(*args, **kwargs):
         userid = request.url.split('/')[-1]
         headers = request.headers
-        if not headers.get("Authentication"):
+        if not headers.get("Authorization"):
             abort(403)
 
-        auth = request.headers.get("Authentication")
+        auth = request.headers.get("Authorization")
         token = Token.query.filter_by(string=auth).first()
         if not token:
             abort(403)
@@ -30,7 +30,7 @@ def admin_required(f):
     def inner(*args, **kwargs):
         header = request.headers
 
-        auth = request.headers.get("Authentication")
+        auth = request.headers.get("Authorization")
         token = Token.query.filter_by(string=auth).first()
         if not token.user.is_admin:
             abort(403)
-- 
cgit v1.2.3-18-g5258