Process Token from query string instead of cookie header on the api side

for the socket.io service
2026-05-24 09:07:45 -02:30 · 2015-02-18 11:04:18 -05:00
parent 203de5221e
commit 52385f7346
1 changed files with 12 additions and 14 deletions
--- a/awx/main/management/commands/run_socketio_service.py
+++ b/awx/main/management/commands/run_socketio_service.py
@@ -49,14 +49,12 @@ class TowerBaseNamespace(BaseNamespace):
        return set(['recv_connect'])

    def valid_user(self):
-        if 'HTTP_COOKIE' not in self.environ:
+        if 'QUERY_STRING' not in self.environ:
            return False
        else:
            try:
-                all_keys = [e.strip() for e in self.environ['HTTP_COOKIE'].split(";")]
-                for each_key in all_keys:
-                    k, v = each_key.split("=")
-                    if k == "token":
+                k, v = self.environ['QUERY_STRING'].split("=")
+                if k == "Token":
                    token_actual = urllib.unquote_plus(v).decode().replace("\"","")
                    auth_token = AuthToken.objects.filter(key=token_actual)
                    if not auth_token.exists():