Merge pull request #731 from jrocketfingers/fix/token-missing-auth-headers
Check that the Authorization headers are actually provided.
This commit is contained in:
commit
0e4aaf8856
|
@ -86,7 +86,7 @@ class Request(dict):
|
|||
:return: token related to request
|
||||
"""
|
||||
auth_header = self.headers.get('Authorization')
|
||||
if 'Token ' in auth_header:
|
||||
if auth_header is not None and 'Token ' in auth_header:
|
||||
return auth_header.partition('Token ')[-1]
|
||||
else:
|
||||
return auth_header
|
||||
|
|
|
@ -182,6 +182,14 @@ def test_token():
|
|||
|
||||
assert request.token == token
|
||||
|
||||
# no Authorization headers
|
||||
headers = {
|
||||
'content-type': 'application/json'
|
||||
}
|
||||
|
||||
request, response = app.test_client.get('/', headers=headers)
|
||||
|
||||
assert request.token is None
|
||||
|
||||
|
||||
# ------------------------------------------------------------ #
|
||||
|
|
Loading…
Reference in New Issue
Block a user