archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Auth: also support Bearer token authentication

Browse Source 
This is commonly used in OAuth-authenticated calls, and can help us break
away from the username-is-auth-token stuff currently in use.
This commit is contained in:
Sybren A. Stüvel
2017-12-08 14:46:58 +01:00
parent 3ea2504e8c
commit 199c6b1f77
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pillar/api/utils/authentication.py
View File

@@ -118,9 +118,13 @@ def validate_token():
from pillar.auth import AnonymousUser from pillar.auth import AnonymousUser
auth_header = request.headers.get('Authorization') or ''
if request.authorization: if request.authorization:
token = request.authorization.username token = request.authorization.username
oauth_subclient = request.authorization.password oauth_subclient = request.authorization.password
elif auth_header.startswith('Bearer '):
token = auth_header[7:].strip()
oauth_subclient = ''
else: else:
# Check the session, the user might be logged in through Flask-Login. # Check the session, the user might be logged in through Flask-Login.
from pillar import auth from pillar import auth