From 554a531f57e4d910f39ef0f0e89979d1284a8618 Mon Sep 17 00:00:00 2001
From: Alexis Lahouze <xals@lahouze.org>
Date: Thu, 25 May 2017 22:11:42 +0200
Subject: [PATCH] Add authorization check.

---
 accountant/views/users.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/accountant/views/users.py b/accountant/views/users.py
index d8919ad..86218c9 100644
--- a/accountant/views/users.py
+++ b/accountant/views/users.py
@@ -64,6 +64,9 @@ class LoginResource(Resource):
     def post(self):
         """Login to retrieve authentication token."""
 
+        if not request.authorization:
+            ns.abort(401, "Missing authorization.")
+
         email = request.authorization['username']
         password = request.authorization['password']