External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-17 12:41:19 -03:30
Code Issues Packages Projects Releases Wiki Activity

Process Token from query string instead of cookie header on the api side

Browse Source 
for the socket.io service
This commit is contained in:
Matthew Jones 2015-02-18 11:04:18 -05:00
parent 203de5221e
commit 52385f7346
1 changed files with 12 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
awx/main/management/commands/run_socketio_service.py
View File

@ -49,23 +49,21 @@ class TowerBaseNamespace(BaseNamespace):
return set(['recv_connect'])
def valid_user(self):
if 'HTTP_COOKIE' not in self.environ:
if 'QUERY_STRING' not in self.environ:
return False
else:
try:
all_keys = [e.strip() for e in self.environ['HTTP_COOKIE'].split(";")]
for each_key in all_keys:
k, v = each_key.split("=")
if k == "token":
token_actual = urllib.unquote_plus(v).decode().replace("\"","")
auth_token = AuthToken.objects.filter(key=token_actual)
if not auth_token.exists():
return False
auth_token = auth_token[0]
if not auth_token.expired:
return auth_token.user
else:
return False
k, v = self.environ['QUERY_STRING'].split("=")
if k == "Token":
token_actual = urllib.unquote_plus(v).decode().replace("\"","")
auth_token = AuthToken.objects.filter(key=token_actual)
if not auth_token.exists():
return False
auth_token = auth_token[0]
if not auth_token.expired:
return auth_token.user
else:
return False
except Exception, e:
logger.error("Exception validating user: " + str(e))
return False