[PATCH 5 of 5] auth: fix tests after changing API key handling
Thomas De Schampheleire
patrickdepinguin at gmail.com
Thu Mar 26 16:00:07 EDT 2015
On Wed, Mar 25, 2015 at 8:12 PM, Mads Kiilerich <mads at kiilerich.com> wrote:
> On 03/25/2015 12:01 PM, Thomas De Schampheleire wrote:
>>
>> # HG changeset patch
>> # User Thomas De Schampheleire <thomas.de.schampheleire at gmail.com>
>> # Date 1427279629 -3600
>> # Wed Mar 25 11:33:49 2015 +0100
>> # Node ID eaeea9ea95b036e8d5eaac16aea1e6c8c62868c9
>> # Parent e1a755428e3abd3d011c7c033233272dadb34572
>> auth: fix tests after changing API key handling
>
>
> It seems like this changeset is fixing some failures that previous changes
> introduced?
>
> All tests should pass for all revisions. Please make the necessary test
> changes in the changesets where functionality is changed.
Yes, I will fix this in next iteration.
>
>>
>> Return codes when using API keys have changed, and so should the tests.
>> Additionally, improve the auth logic to make a distinction between having
>> no
>> API key (and thus no checking of it, falling back to regular auth), and
>> having a potentially empty one (401 if it is invalid).
>>
>> diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py
>> --- a/kallithea/lib/auth.py
>> +++ b/kallithea/lib/auth.py
>> @@ -754,9 +754,9 @@
>> % (loc, user))
>> return redirect_to_login()
>> - # check if we used an APIKEY and it's a valid one
>> - _api_key = request.GET.get('api_key', '')
>> - if _api_key:
>> + # check if we used an API key and it's a valid one
>> + _api_key = request.GET.get('api_key')
>> + if _api_key is not None:
>
>
> oh - nice one ;-)
>
> It would be nice to have this chunk in one of the previos patches.
>
>
> Thanks for attacking this. It is essential functionality so it is nice to
> see it refactored to be more trust-worthy.
Thanks for the feedback,
Thomas
More information about the kallithea-general
mailing list