[System] Fixed issue when Authorization header is missing

2020-10-30 22:17:43 +01:00 · 2020-10-30 22:17:43 +01:00 · ff6c973eef
parent 32783041d8
commit ff6c973eef
1 changed files with 5 additions and 1 deletions
--- a/flaschengeist/decorator.py
+++ b/flaschengeist/decorator.py
@ -20,7 +20,11 @@ def login_required(permission=None):
    def wrap(func):
        @wraps(func)
        def wrapped_f(*args, **kwargs):
-            token = list(filter(None, request.headers.get("Authorization").split(" ")))[-1]
+            try:
+                token = list(filter(None, request.headers.get("Authorization").split(" ")))[-1]
+            except AttributeError:
+                raise Unauthorized
+
            session = sessionController.validate_token(token, request.user_agent, permission)
            if session:
                kwargs["current_session"] = session