Skip to content

Commit

Permalink
Merge branch 'main' into fix/aggregate-report-name
Browse files Browse the repository at this point in the history
  • Loading branch information
madelondohmen authored Oct 31, 2024
2 parents 907e5ba + 193764c commit 798a301
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 3 deletions.
7 changes: 4 additions & 3 deletions rocky/rocky/middleware/auth_token.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,13 @@ def middleware(request):
if not request.user.is_authenticated and "authorization" in request.headers:
authenticator = TokenAuthentication()
try:
user, token = authenticator.authenticate(request)
user_and_token = authenticator.authenticate(request)
except APIException:
return HttpResponseForbidden("Invalid token\n")
else:
request.user = user
structlog.contextvars.bind_contextvars(auth_method="token")
if user_and_token:
request.user = user_and_token[0]
structlog.contextvars.bind_contextvars(auth_method="token")

return get_response(request)

Expand Down
6 changes: 6 additions & 0 deletions rocky/tests/test_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,9 @@ def test_api_2fa_enabled(client, settings, admin_user):

response = client.get("/api/v1/organization/", headers={"Authorization": f"Token {token}"})
assert response.status_code == 200


# Regression test for https://github.com/minvws/nl-kat-coordination/issues/3754
def test_auth_header_wrong_format(client, settings, admin_user):
response = client.get("/api/v1/organization/", headers={"Authorization": "Not a token"})
assert response.status_code == 401

0 comments on commit 798a301

Please sign in to comment.