api: make 401 messages clearer

closes #755

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/api/tests/test_auth.py

@@ -3,6 +3,7 @@ from base64 import b64encode
 
 from django.test import TestCase
 from guardian.shortcuts import get_anonymous_user
+from rest_framework.exceptions import AuthenticationFailed
 
 from authentik.api.auth import token_from_header
 from authentik.core.models import Token, TokenIntents
@@ -28,17 +29,21 @@ class TestAPIAuth(TestCase):
 
     def test_invalid_type(self):
         """Test invalid type"""
-        self.assertIsNone(token_from_header("foo bar".encode()))
+        with self.assertRaises(AuthenticationFailed):
+            token_from_header("foo bar".encode())
 
     def test_invalid_decode(self):
         """Test invalid bas64"""
-        self.assertIsNone(token_from_header("Basic bar".encode()))
+        with self.assertRaises(AuthenticationFailed):
+            token_from_header("Basic bar".encode())
 
     def test_invalid_empty_password(self):
         """Test invalid with empty password"""
-        self.assertIsNone(token_from_header("Basic :".encode()))
+        with self.assertRaises(AuthenticationFailed):
+            token_from_header("Basic :".encode())
 
     def test_invalid_no_token(self):
         """Test invalid with no token"""
-        auth = b64encode(":abc".encode()).decode()
-        self.assertIsNone(token_from_header(f"Basic :{auth}".encode()))
+        with self.assertRaises(AuthenticationFailed):
+            auth = b64encode(":abc".encode()).decode()
+            self.assertIsNone(token_from_header(f"Basic :{auth}".encode()))