From 247d224a522e56585e8e7783d5da0435aa959835 Mon Sep 17 00:00:00 2001 From: Tanner Collin Date: Tue, 20 Jun 2023 22:37:31 +0000 Subject: [PATCH] Fix some silly token auth bugs --- apiserver/apiserver/api/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apiserver/apiserver/api/views.py b/apiserver/apiserver/api/views.py index d9ab86b..15c04f9 100644 --- a/apiserver/apiserver/api/views.py +++ b/apiserver/apiserver/api/views.py @@ -765,7 +765,7 @@ class StatsViewSet(viewsets.ViewSet, List): # {'data': 'Disarmed: Partition 2'} auth_token = request.META.get('HTTP_AUTHORIZATION', '') - if secrets.VEND_API_TOKEN and auth_token != 'Bearer ' + secrets.ALARM_API_TOKEN: + if secrets.ALARM_API_TOKEN and auth_token != 'Bearer ' + secrets.ALARM_API_TOKEN: raise exceptions.PermissionDenied() try: @@ -1516,7 +1516,7 @@ class ProtocoinViewSet(Base): try: with transaction.atomic(): auth_token = request.META.get('HTTP_AUTHORIZATION', '') - if secrets.VEND_API_TOKEN and auth_token != 'Bearer ' + secrets.PRINTER_API_TOKEN: + if secrets.PRINTER_API_TOKEN and auth_token != 'Bearer ' + secrets.PRINTER_API_TOKEN: raise exceptions.PermissionDenied() # {'job_name': 'download.png', 'uuid': '6abbad4d-dda3-4954-b4f1-ac77933a0562', 'timestamp': '20230211173624',