From 8213c244eaca9a65a51ccb8422b3adb45485ef43 Mon Sep 17 00:00:00 2001 From: Fulgen301 Date: Tue, 16 Oct 2018 18:57:01 +0200 Subject: Subclass HTTPReponse in order to ensure the presence of CORS headers --- auth.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'auth.py') diff --git a/auth.py b/auth.py index 1f45844..a6636a3 100644 --- a/auth.py +++ b/auth.py @@ -13,6 +13,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. import os, hashlib, base64, jwt, json +from .cors import * from .database import * from bottle import install, HTTPResponse, route, request, default_app, post from bottle_jwt import JWTProviderPlugin, jwt_auth_required, JWTProvider @@ -23,7 +24,7 @@ def calculateUserHash(username : str, password : str) -> object: class AuthBackend(object): def authenticate_user(self, username, password): if username is None or password is None: - raise HTTPResponse("Username or password missing", 400) + raise ParryHTTPResponse("Username or password missing", 400) session = DBSession() try: user = session.query(User).filter_by(name=username, hash=calculateUserHash(username, password).hexdigest()).one() @@ -69,7 +70,7 @@ def auth_basic(f): try: User.query.filter_by(name=request.forms["username"], hash=calculateUserHash(request.forms["username"], request.forms["password"]).hexdigest()).first() except db.orm.exc.NoResultFound: - return HTTPResponse(status=401) + return ParryHTTPResponse(status=401) del request.forms["password"] return f(*args, **kwargs) @@ -79,4 +80,4 @@ def get_user(session : DBSession): try: return session.query(User).filter_by(name=request.get_user()["name"]).one() except db.orm.exc.NoResultFound: - raise HTTPResponse(status=401) + raise ParryHTTPResponse(status=401) -- cgit v1.2.3-54-g00ecf