Skip to content

E
edx-notes-api
Commit 0ef2b13c by Tim Babych
Options

change token check to look for X-Annotator-Auth-Token

parent df5f511d
Showing with 2 additions and 2 deletions
notesapi/v1/permissions.py
......@@ -7,8 +7,8 @@ class HasAccessToken(BasePermission):
"""
def has_permission(self, request, view):
try:
# expected HTTP Header "Authorization: Bearer TOKEN"
AccessToken.objects.get_token(request.META["HTTP_AUTHORIZATION"].split()[1])
# expected HTTP Header "X-Annotator-Auth-Token: TOKEN"
AccessToken.objects.get_token(request.META["HTTP-X-ANNOTATOR-AUTH-TOKEN"].strip())
return True
except AccessToken.DoesNotExist:
return False
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment