masq/halfapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[auth] dont activate authenticationMiddleware if secret is missing. NO SECRET ONLY IN FULLY PUBLIC DOMAINS!!!

Browse Source
This commit is contained in:
Maxime Alves LIRMM@home 2022-01-21 14:39:34 +01:00
parent 979007f287
commit 2e5680d29a
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
halfapi/halfapi.py
View File

@ -129,10 +129,11 @@ class HalfAPI(Starlette):
self.add_route('/', JSONRoute(schemas)) self.add_route('/', JSONRoute(schemas))
self.add_middleware( if SECRET:
AuthenticationMiddleware, self.add_middleware(
backend=JWTAuthenticationBackend() AuthenticationMiddleware,
) backend=JWTAuthenticationBackend()
)
if not PRODUCTION: if not PRODUCTION:
self.add_middleware( self.add_middleware(