management: dont raise an exception on a poorly formatted authentication header

This commit is contained in:
Joshua Tauberer 2014-08-08 15:36:00 -04:00
parent 7e62131fbc
commit f41ec93cbe
1 changed files with 6 additions and 1 deletions

View File

@ -47,11 +47,16 @@ class KeyAuthService:
if header is None:
return
if " " not in header:
return
scheme, credentials = header.split(maxsplit=1)
if scheme != 'Basic':
return
username, password = decode(credentials).split(':', maxsplit=1)
credentials = decode(credentials)
if ":" not in credentials:
return
username, password = credentials.split(':', maxsplit=1)
return username
request_key = parse_api_key(request.headers.get('Authorization'))