Skip to content

E
edx-notes-api
Commit 0ef2b13c by Tim Babych
Options

change token check to look for X-Annotator-Auth-Token

parent df5f511d
Showing with 2 additions and 2 deletions
notesapi/v1/permissions.py
...@@ -7,8 +7,8 @@ class HasAccessToken(BasePermission): ...@@ -7,8 +7,8 @@ class HasAccessToken(BasePermission):
""" """
def has_permission(self, request, view): def has_permission(self, request, view):
try: try:
# expected HTTP Header "Authorization: Bearer TOKEN" # expected HTTP Header "X-Annotator-Auth-Token: TOKEN"
AccessToken.objects.get_token(request.META["HTTP_AUTHORIZATION"].split()[1]) AccessToken.objects.get_token(request.META["HTTP-X-ANNOTATOR-AUTH-TOKEN"].strip())
return True return True
except AccessToken.DoesNotExist: except AccessToken.DoesNotExist:
return False return False
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment