vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix: check if user is diabled during api authentication

Browse source
This commit is contained in:
Snehit Gunjikar 2025-03-20 19:58:10 +05:30
parent ba9bc4fb82
commit 10873ad49f
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frappe/auth.py
View file

@ -702,7 +702,7 @@ def validate_auth_via_api_keys(authorization_header):
def validate_api_key_secret(api_key, api_secret, frappe_authorization_source=None):
"""frappe_authorization_source to provide api key and secret for a doctype apart from User"""
doctype = frappe_authorization_source or "User"
doc = frappe.db.get_value(doctype=doctype, filters={"api_key": api_key}, fieldname=["name"])
doc = frappe.db.get_value(doctype=doctype, filters={"api_key": api_key, "enabled": True}, fieldname=["name"])
if not doc:
raise frappe.AuthenticationError
form_dict = frappe.local.form_dict