lychiyu/freqtrade_origin
1
0
Fork 0
mirror of https://github.com/freqtrade/freqtrade.git synced 2024-11-14 04:03:55 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Switch auth to real basic auth

Browse Source
This commit is contained in:
Matthias 2019-05-25 14:25:16 +02:00
parent 6adc8f7ea7
commit 2da7145132
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
freqtrade/rpc/api_server.py
View File

@ -53,13 +53,16 @@ class ApiServer(RPC):
return func_wrapper return func_wrapper
def check_auth(self, username, password):
return (username == self._config['api_server'].get('username') and
password == self._config['api_server'].get('password'))
def require_login(func): def require_login(func):
def func_wrapper(self, *args, **kwargs): def func_wrapper(self, *args, **kwargs):
# Also accepts empty username/password if it's missing in both config and request
if (request.headers.get('username') == self._config['api_server'].get('username')
and request.headers.get('password') == self._config['api_server'].get('password')):
auth = request.authorization
if auth and self.check_auth(auth.username, auth.password):
return func(self, *args, **kwargs) return func(self, *args, **kwargs)
else: else:
return jsonify({"error": "Unauthorized"}), 401 return jsonify({"error": "Unauthorized"}), 401