aboutsummaryrefslogtreecommitdiffstats
path: root/src/api
diff options
context:
space:
mode:
authorJustin Choquette <jchoquette@iol.unh.edu>2022-06-07 16:07:54 -0400
committerJustin Choquette <jchoquette@iol.unh.edu>2022-06-07 16:47:39 -0400
commit1552253144f6d447ad28540a87387f42ce194d12 (patch)
tree48e97d6483e209c11e870ce4da4c718c283481e2 /src/api
parentb7df4193fef9adeccf99685af7d7420274d66064 (diff)
API Malformed Token re-fixlaas-3.0
Change-Id: Ie9d93a9c6f6aeee46aac8ff4d0d4d85270fe1da9 Signed-off-by: Justin Choquette <jchoquette@iol.unh.edu> Fixed flake8 issue. Change-Id: I3e889e4f8c6ff1a5ed5d007e1b1ff7e50f3687da Signed-off-by: Justin Choquette <jchoquette@iol.unh.edu>
Diffstat (limited to 'src/api')
-rw-r--r--src/api/views.py6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/api/views.py b/src/api/views.py
index 1516374..ffa9b3f 100644
--- a/src/api/views.py
+++ b/src/api/views.py
@@ -430,7 +430,11 @@ def auth_and_log(request, endpoint):
token = Token.objects.get(key=user_token)
except Token.DoesNotExist:
token = None
- response = HttpResponse('Unauthorized', status=401)
+ # Added logic to detect malformed token
+ if len(str(user_token)) != 40:
+ response = HttpResponse('Malformed Token', status=401)
+ else:
+ response = HttpResponse('Unauthorized', status=401)
x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
if x_forwarded_for: