From 554a531f57e4d910f39ef0f0e89979d1284a8618 Mon Sep 17 00:00:00 2001 From: Alexis Lahouze Date: Thu, 25 May 2017 22:11:42 +0200 Subject: [PATCH] Add authorization check. --- accountant/views/users.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/accountant/views/users.py b/accountant/views/users.py index d8919ad..86218c9 100644 --- a/accountant/views/users.py +++ b/accountant/views/users.py @@ -64,6 +64,9 @@ class LoginResource(Resource): def post(self): """Login to retrieve authentication token.""" + if not request.authorization: + ns.abort(401, "Missing authorization.") + email = request.authorization['username'] password = request.authorization['password']