Sebastián Ramírez
6 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with
9 additions and
6 deletions
-
fastapi/security/http.py
-
tests/test_security_http_bearer_optional.py
|
|
|
@ -112,10 +112,13 @@ class HTTPBearer(HTTPBase): |
|
|
|
else: |
|
|
|
return None |
|
|
|
if scheme.lower() != "bearer": |
|
|
|
if self.auto_error: |
|
|
|
raise HTTPException( |
|
|
|
status_code=HTTP_403_FORBIDDEN, |
|
|
|
detail="Invalid authentication credentials", |
|
|
|
) |
|
|
|
else: |
|
|
|
return None |
|
|
|
return HTTPAuthorizationCredentials(scheme=scheme, credentials=credentials) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -64,5 +64,5 @@ def test_security_http_bearer_no_credentials(): |
|
|
|
|
|
|
|
def test_security_http_bearer_incorrect_scheme_credentials(): |
|
|
|
response = client.get("/users/me", headers={"Authorization": "Basic notreally"}) |
|
|
|
assert response.status_code == 403 |
|
|
|
assert response.json() == {"detail": "Invalid authentication credentials"} |
|
|
|
assert response.status_code == 200 |
|
|
|
assert response.json() == {"msg": "Create an account first"} |
|
|
|
|
