Revision 6a0e1a00
| b/aai/middleware.py | ||
|---|---|---|
| 34 | 34 |
from synnefo.aai.shibboleth import Tokens, register_shibboleth_user |
| 35 | 35 |
import time |
| 36 | 36 |
|
| 37 |
DONT_CHECK = ['/invitations/login'] |
|
| 37 |
DONT_CHECK = ['/api', '/invitations/login']
|
|
| 38 | 38 |
|
| 39 | 39 |
class SynnefoAuthMiddleware(object): |
| 40 | 40 |
|
| b/api/middleware.py | ||
|---|---|---|
| 13 | 13 |
if not request.path.startswith('/api/') :
|
| 14 | 14 |
return |
| 15 | 15 |
|
| 16 |
# Another middleware on the processing chain has authenticated the user. |
|
| 17 |
if request.user: |
|
| 18 |
return |
|
| 19 |
|
|
| 20 | 16 |
token = None |
| 21 | 17 |
|
| 22 | 18 |
# Try to find token in a cookie |
| b/api/tests.py | ||
|---|---|---|
| 857 | 857 |
def test_unauthorized_call(self): |
| 858 | 858 |
request = {'reboot': {'type': 'HARD'}}
|
| 859 | 859 |
path = '/api/v1.1/servers/%d/action' % 1 |
| 860 |
response = self.client.post(path, json.dumps(request), content_type='application/json') |
|
| 860 |
response = self.client.post(path, json.dumps(request), |
|
| 861 |
content_type='application/json') |
|
| 861 | 862 |
self.assertEquals(response.status_code, 401) |
| 862 | 863 |
|
| 863 | 864 |
|
Also available in: Unified diff