habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: add bandit for static security checks

Browse Source
This commit is contained in:
Jens Langhammer
2020-01-02 13:41:49 +01:00
parent 2d7e70eebf
commit 575739d07c
3 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
passbook/root/monitoring.py
View File

@ -13,11 +13,11 @@ class MetricsView(View):
def get(self, request: HttpRequest) -> HttpResponse:
"""Check for HTTP-Basic auth"""
auth_header = request.META.get("HTTP_AUTHORIZATION", "")
token_type, _, credentials = auth_header.partition(" ")
creds = f"monitor:{settings.SECRET_KEY}"
expected = b64encode(str.encode(creds)).decode()
auth_type, _, credentials = auth_header.partition(" ")
credentials = f"monitor:{settings.SECRET_KEY}"
expected = b64encode(str.encode(credentials)).decode()
if token_type != "Basic" or credentials != expected:
if auth_type != "Basic" or credentials != expected:
raise Http404
return ExportToDjangoView(request)