Revision 6a0e1a00
b/aai/middleware.py | ||
---|---|---|
34 | 34 |
from synnefo.aai.shibboleth import Tokens, register_shibboleth_user |
35 | 35 |
import time |
36 | 36 |
|
37 |
DONT_CHECK = ['/invitations/login'] |
|
37 |
DONT_CHECK = ['/api', '/invitations/login']
|
|
38 | 38 |
|
39 | 39 |
class SynnefoAuthMiddleware(object): |
40 | 40 |
|
b/api/middleware.py | ||
---|---|---|
13 | 13 |
if not request.path.startswith('/api/') : |
14 | 14 |
return |
15 | 15 |
|
16 |
# Another middleware on the processing chain has authenticated the user. |
|
17 |
if request.user: |
|
18 |
return |
|
19 |
|
|
20 | 16 |
token = None |
21 | 17 |
|
22 | 18 |
# Try to find token in a cookie |
b/api/tests.py | ||
---|---|---|
857 | 857 |
def test_unauthorized_call(self): |
858 | 858 |
request = {'reboot': {'type': 'HARD'}} |
859 | 859 |
path = '/api/v1.1/servers/%d/action' % 1 |
860 |
response = self.client.post(path, json.dumps(request), content_type='application/json') |
|
860 |
response = self.client.post(path, json.dumps(request), |
|
861 |
content_type='application/json') |
|
861 | 862 |
self.assertEquals(response.status_code, 401) |
862 | 863 |
|
863 | 864 |
|
Also available in: Unified diff