made different header called Absent-Auth to replace Authorization hea…

…der b/c of Apple and its quirks :)
absent-cc · Feb 27, 2022 · 823ab6c · 823ab6c
1 parent b199fe1
commit 823ab6c
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 11 deletions.
diff --git a/src/dataTypes/headers.py b/src/dataTypes/headers.py
@@ -1,6 +1,8 @@
 
+from curses.ascii import HT
 from fastapi import HTTPException
 from fastapi.security.http import HTTPBase
+from fastapi.security.base import SecurityBase
 from fastapi.openapi.models import HTTPBearer as HTTPBearerModel
 from pydantic import BaseModel, validator
 from typing import Optional
@@ -13,12 +15,32 @@ class HTTPAuthCreds(BaseModel):
     scheme: str
     credentials: str
 
-    # Basic checking for the creds
-    # @validator('credentials')
-    # def checkCredentials(cls, v):
-    #     if len(v) != 64:
-    #         raise ValueError('Invalid Credentials from validator.')
-    #     return v
+class HTTPBase(SecurityBase):
+    def __init__(
+        self,
+        *,
+        scheme: str,
+        scheme_name: Optional[str] = None,
+        description: Optional[str] = None,
+        auto_error: bool = True,
+    ):
+        self.model = HTTPAuthCreds(scheme=scheme, description=description)
+        self.scheme_name = scheme_name or self.__class__.__name__
+        self.auto_error = auto_error
+
+    async def __call__(
+        self, request: Request
+    ) -> Optional[HTTPAuthCreds]:
+        authorization: str = request.headers.get("Absent-Auth")
+        scheme, credentials = get_authorization_scheme_param(authorization)
+        if not (authorization and scheme and credentials):
+            if self.auto_error:
+                raise HTTPException(
+                    status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
+                )
+            else:
+                return None
+        return HTTPAuthCreds(scheme=scheme, credentials=credentials)
 
 class HTTPAuth(HTTPBase):
     def __init__(
@@ -36,7 +58,7 @@ def __init__(
     async def __call__(
         self, request: Request
     ) -> Optional[HTTPAuthCreds]:
-        authorization: str = request.headers.get("Authorization")
+        authorization: str = request.headers.get("Absent-Auth")
         scheme, credentials = get_authorization_scheme_param(authorization)
         if not (authorization and scheme and credentials):
             if self.auto_error:
@@ -45,7 +67,7 @@ async def __call__(
                 )
             else:
                 return None
-        if scheme.lower() != "absent-auth":
+        if scheme.lower() != "bearer":
             if self.auto_error:
                 raise HTTPException(
                     status_code=HTTP_403_FORBIDDEN,

diff --git a/static/swagger-ui-bundle.js b/static/swagger-ui-bundle.js
diff --git a/tests/unit/api/users/test_api_users.py b/tests/unit/api/users/test_api_users.py
@@ -49,7 +49,7 @@ class GetInfo(unittest.TestCase):
 
         def test_get_users(self):
             response = client.get("v1/users/me/info",
-            headers= { "Authorization": f"absent-auth {self.TROJANHORSE.token}" }
+            headers= { "Absent-Auth": f"Bearer {self.TROJANHORSE.token}" }
             )
             print(response.json())
             print(self.TROJANHORSE.pseudo_info)
@@ -66,7 +66,7 @@ class Sessions(unittest.TestCase):
 
         def test_get_sessions(self):
             response = client.get("v1/users/me/sessions",
-            headers= { "Authorization": f"absent-auth {self.TROJANHORSE.token}" }
+            headers= { "Absent-Auth": f"Bearer {self.TROJANHORSE.token}" }
             )
             self.assertEqual(response.status_code, 200), "Failed to return 200 when Authorization header is present"