mirror of
https://github.com/ae-utbm/sith.git
synced 2025-06-07 19:55:20 +00:00
Forbid authentication with revoked keys
This commit is contained in:
parent
f93a4ac98b
commit
835dd5d20e
@ -14,7 +14,7 @@ class ApiKeyAuth(APIKeyHeader):
|
||||
hasher = get_hasher()
|
||||
hashed_key = hasher.encode(key)
|
||||
try:
|
||||
key_obj = ApiKey.objects.get(hashed_key=hashed_key)
|
||||
key_obj = ApiKey.objects.get(revoked=False, hashed_key=hashed_key)
|
||||
except ApiKey.DoesNotExist:
|
||||
return None
|
||||
return key_obj.client
|
||||
|
Loading…
x
Reference in New Issue
Block a user