Skip to content

Commit

Permalink
API token: support any casing for 'Bearer' (#343)
Browse files Browse the repository at this point in the history
* API token: support any casing for 'Bearer'
Fixes #342
* running black formatting, version bump
Signed-off-by: vsoch <vsoch@users.noreply.github.com>
Co-authored-by: vsoch <vsoch@users.noreply.github.com>
  • Loading branch information
pini-gh authored Feb 18, 2021
1 parent 3fbea05 commit 0a51aac
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 4 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ represented by the pull requests that fixed them. Critical items to know are:


## [master](https://github.com/singularityhub/sregistry/tree/master) (master)
- allowing for Bearer token to have any casing (1.1.31)
- adding minio environment file to https docker-compose (1.1.3)
- enforcing usernames to be all lowercase (1.1.29)
- Added ability to specify Minio direct download from interface (1.1.28)
Expand Down
2 changes: 1 addition & 1 deletion VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.1.3
1.1.31
9 changes: 6 additions & 3 deletions shub/apps/library/views/helpers.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,9 @@ def validate_token(request):
token = request.META.get("HTTP_AUTHORIZATION")
if token:
try:
token = token.split(" ")[-1] # Get rid of BEARER or Bearer <token>
Token.objects.get(key=token.strip())
Token.objects.get(
key=re.sub("bearer", "", token, flags=re.IGNORECASE).strip()
)
return True
except Token.DoesNotExist:
pass
Expand All @@ -48,7 +49,9 @@ def get_token(request):

if token:
try:
return Token.objects.get(key=token.replace("BEARER", "").strip())
return Token.objects.get(
key=re.sub("bearer", "", token, flags=re.IGNORECASE).strip()
)
except Token.DoesNotExist:
pass

Expand Down

0 comments on commit 0a51aac

Please sign in to comment.