mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-22 02:17:26 +00:00
management: dont raise an exception on a poorly formatted authentication header
This commit is contained in:
parent
7e62131fbc
commit
f41ec93cbe
@ -47,11 +47,16 @@ class KeyAuthService:
|
|||||||
if header is None:
|
if header is None:
|
||||||
return
|
return
|
||||||
|
|
||||||
|
if " " not in header:
|
||||||
|
return
|
||||||
scheme, credentials = header.split(maxsplit=1)
|
scheme, credentials = header.split(maxsplit=1)
|
||||||
if scheme != 'Basic':
|
if scheme != 'Basic':
|
||||||
return
|
return
|
||||||
|
|
||||||
username, password = decode(credentials).split(':', maxsplit=1)
|
credentials = decode(credentials)
|
||||||
|
if ":" not in credentials:
|
||||||
|
return
|
||||||
|
username, password = credentials.split(':', maxsplit=1)
|
||||||
return username
|
return username
|
||||||
|
|
||||||
request_key = parse_api_key(request.headers.get('Authorization'))
|
request_key = parse_api_key(request.headers.get('Authorization'))
|
||||||
|
Loading…
Reference in New Issue
Block a user