vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4

fix: Revert possibly breaking behaviour

Browse source 
Auth hooks should always run regardless of auth headers. These are
supposed to be generic hooks without any expectation on what it's
supposed to do.
This commit is contained in:
Ankush Menat 2023-11-18 11:24:54 +05:30
parent 693d079f16
commit 5ba53b05fb
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
frappe/auth.py
View file

@ -573,12 +573,13 @@ def validate_auth():
if len(authorization_header) == 2:
validate_oauth(authorization_header)
validate_auth_via_api_keys(authorization_header)
validate_auth_via_hooks()
# If login via bearer, basic or keypair didn't work then authentication failed and we
# should terminate here.
if frappe.session.user in ("", "Guest"):
raise frappe.AuthenticationError
validate_auth_via_hooks()
# If login via bearer, basic or keypair didn't work then authentication failed and we
# should terminate here.
if len(authorization_header) == 2 and frappe.session.user in ("", "Guest"):
raise frappe.AuthenticationError
def validate_oauth(authorization_header):