2025-summer/team-3
12
Fork 0
Code Issues Pull requests Projects Releases Activity

what if api secret auth actually… did the right thing? just kidding… unless

Browse source
This commit is contained in:
Laura Klünder 2023-11-15 14:04:07 +01:00
parent f9e5af937e
commit da4631b715
1 changed files with 1 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/c3nav/api/newauth.py
View file

@ -38,8 +38,7 @@ class BearerAuth(HttpBearer):
).select_related("user").get()
except UserPermissions.DoesNotExist:
raise APITokenInvalid
session = self.SessionStore(token.removeprefix("secret:"))
return session.user
return user_perms.user
# todo: implement token (app) auth
raise APITokenInvalid