[PATCH 5 of 5] auth: fix tests after changing API key handling
Mads Kiilerich
mads at kiilerich.com
Wed Mar 25 15:12:05 EDT 2015
On 03/25/2015 12:01 PM, Thomas De Schampheleire wrote:
> # HG changeset patch
> # User Thomas De Schampheleire <thomas.de.schampheleire at gmail.com>
> # Date 1427279629 -3600
> # Wed Mar 25 11:33:49 2015 +0100
> # Node ID eaeea9ea95b036e8d5eaac16aea1e6c8c62868c9
> # Parent e1a755428e3abd3d011c7c033233272dadb34572
> auth: fix tests after changing API key handling
It seems like this changeset is fixing some failures that previous
changes introduced?
All tests should pass for all revisions. Please make the necessary test
changes in the changesets where functionality is changed.
>
> Return codes when using API keys have changed, and so should the tests.
> Additionally, improve the auth logic to make a distinction between having no
> API key (and thus no checking of it, falling back to regular auth), and
> having a potentially empty one (401 if it is invalid).
>
> diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py
> --- a/kallithea/lib/auth.py
> +++ b/kallithea/lib/auth.py
> @@ -754,9 +754,9 @@
> % (loc, user))
> return redirect_to_login()
>
> - # check if we used an APIKEY and it's a valid one
> - _api_key = request.GET.get('api_key', '')
> - if _api_key:
> + # check if we used an API key and it's a valid one
> + _api_key = request.GET.get('api_key')
> + if _api_key is not None:
oh - nice one ;-)
It would be nice to have this chunk in one of the previos patches.
Thanks for attacking this. It is essential functionality so it is nice
to see it refactored to be more trust-worthy.
/Mads
More information about the kallithea-general
mailing list