external
/
mailinabox
mirror of https://github.com/mail-in-a-box/mailinabox.git
1
0
Fork 0
Code Issues Releases Wiki Activity

management: dont raise an exception on a poorly formatted authentication header

This commit is contained in:
Joshua Tauberer 2014-08-08 15:36:00 -04:00
parent 7e62131fbc
commit f41ec93cbe
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
management/auth.py
View File

@ -47,11 +47,16 @@ class KeyAuthService:
if header is None: if header is None:
return return
if " " not in header:
return
scheme, credentials = header.split(maxsplit=1) scheme, credentials = header.split(maxsplit=1)
if scheme != 'Basic': if scheme != 'Basic':
return return
username, password = decode(credentials).split(':', maxsplit=1) credentials = decode(credentials)
if ":" not in credentials:
return
username, password = credentials.split(':', maxsplit=1)
return username return username
request_key = parse_api_key(request.headers.get('Authorization')) request_key = parse_api_key(request.headers.get('Authorization'))