External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-11 10:00:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

if basic auth in headers, don't use cookie token

Browse Source 
* Allows for basic auth to be used when cookie token fails
This commit is contained in:
Chris Meyers 2015-10-19 14:49:15 -04:00
parent 4692c13a9d
commit 1db26531a1
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
awx/api/authentication.py
View File

@ -50,7 +50,10 @@ class TokenAuthentication(authentication.TokenAuthentication):
auth = TokenAuthentication._get_x_auth_token_header(request).split()
if not auth or auth[0].lower() != 'token':
auth = authentication.get_authorization_header(request).split()
if not auth or auth[0].lower() != 'token':
# Prefer basic auth over cookie token
if auth and auth[0].lower() == 'basic':
return None
elif not auth or auth[0].lower() != 'token':
auth = TokenAuthentication._get_auth_token_cookie(request).split()
if not auth or auth[0].lower() != 'token':
return None