masq/halfapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[auth] dont activate authenticationMiddleware if secret is missing. NO SECRET ONLY IN FULLY PUBLIC DOMAINS!!!

Browse Source
This commit is contained in:
Maxime Alves LIRMM@home 2022-01-21 14:39:34 +01:00
parent 979007f287
commit 2e5680d29a
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
halfapi/halfapi.py
View File

@ -129,6 +129,7 @@ class HalfAPI(Starlette):
self.add_route('/', JSONRoute(schemas)) self.add_route('/', JSONRoute(schemas))
if SECRET:
self.add_middleware( self.add_middleware(
AuthenticationMiddleware, AuthenticationMiddleware,
backend=JWTAuthenticationBackend() backend=JWTAuthenticationBackend()