External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-09 10:27:37 -02:30
Code Issues Packages Projects Releases Wiki Activity

Process Token from query string instead of cookie header on the api side

Browse Source 
for the socket.io service
This commit is contained in:
Matthew Jones
2015-02-18 11:04:18 -05:00
parent 203de5221e
commit 52385f7346
1 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
awx/main/management/commands/run_socketio_service.py
View File

@@ -49,23 +49,21 @@ class TowerBaseNamespace(BaseNamespace):
return set(['recv_connect']) return set(['recv_connect'])
def valid_user(self): def valid_user(self):
if 'HTTP_COOKIE' not in self.environ: if 'QUERY_STRING' not in self.environ:
return False return False
else: else:
try: try:
all_keys = [e.strip() for e in self.environ['HTTP_COOKIE'].split(";")] k, v = self.environ['QUERY_STRING'].split("=")
for each_key in all_keys: if k == "Token":
k, v = each_key.split("=") token_actual = urllib.unquote_plus(v).decode().replace("\"","")
if k == "token": auth_token = AuthToken.objects.filter(key=token_actual)
token_actual = urllib.unquote_plus(v).decode().replace("\"","") if not auth_token.exists():
auth_token = AuthToken.objects.filter(key=token_actual) return False
if not auth_token.exists(): auth_token = auth_token[0]
return False if not auth_token.expired:
auth_token = auth_token[0] return auth_token.user
if not auth_token.expired: else:
return auth_token.user return False
else:
return False
except Exception, e: except Exception, e:
logger.error("Exception validating user: " + str(e)) logger.error("Exception validating user: " + str(e))
return False return False