diff --git a/api/src/data_inclusion/api/core/auth.py b/api/src/data_inclusion/api/core/auth.py index 5399487f..88fbc870 100644 --- a/api/src/data_inclusion/api/core/auth.py +++ b/api/src/data_inclusion/api/core/auth.py @@ -16,6 +16,9 @@ def on_error(conn: HTTPConnection, exc: Exception) -> responses.Response: class AuthenticationBackend(authentication.AuthenticationBackend): async def authenticate(self, conn): + if "Authorization" not in conn.headers: + return + http_bearer_instance = HTTPBearer() try: diff --git a/api/src/data_inclusion/api/core/request/services.py b/api/src/data_inclusion/api/core/request/services.py index 8cdf7e5f..738edc8a 100644 --- a/api/src/data_inclusion/api/core/request/services.py +++ b/api/src/data_inclusion/api/core/request/services.py @@ -11,7 +11,7 @@ def save_request(request: requests.Request, response: responses.Response) -> Non method=request.method, path=request.url.path, base_url=str(request.base_url), - user=request.user.username, + user=request.user.username if request.user.is_authenticated else None, path_params=request.path_params, query_params=dict(request.query_params), client_host=request.client.host, diff --git a/api/tests/core/test_request.py b/api/tests/core/test_request.py index 150fb0cb..78cce9f5 100644 --- a/api/tests/core/test_request.py +++ b/api/tests/core/test_request.py @@ -28,4 +28,13 @@ def test_save_api_request_without_token(api_client, db_session): response = api_client.get(url) assert response.status_code == 403 - assert db_session.query(models.Request).count() == 0 + assert db_session.query(models.Request).count() == 1 + + request_instance = db_session.query(models.Request).first() + assert request_instance.status_code == 403 + assert request_instance.user is None + assert request_instance.path == "/api/v0/structures" + assert request_instance.method == "GET" + assert request_instance.path_params == {} + assert request_instance.query_params == {} + assert request_instance.endpoint_name == "list_structures_endpoint"