mirror of
https://github.com/xcat2/confluent.git
synced 2024-11-26 19:40:12 +00:00
Give client method to suppress auth header
A javascript client running in browser may want the standard authorization header suppressed. This allows a client to block the default browser authentication prompt.
This commit is contained in:
parent
76ff9fd759
commit
ba6b7cf517
@ -306,18 +306,17 @@ def resourcehandler_backend(env, start_response):
|
||||
operation = querydict['restexplorerop']
|
||||
del querydict['restexplorerop']
|
||||
authorized = _authorize_request(env, operation)
|
||||
if 'HTTP_SUPPRESSAUTHHEADER' in env:
|
||||
badauth = [('Content-type', 'text/plain')]
|
||||
else:
|
||||
badauth = [('Content-type', 'text/plain'),
|
||||
('WWW-Authenticate', 'Basic realm="confluent"')]
|
||||
if authorized['code'] == 401:
|
||||
start_response(
|
||||
'401 Authentication Required',
|
||||
[('Content-type', 'text/plain'),
|
||||
('WWW-Authenticate', 'Basic realm="confluent"')])
|
||||
start_response('401 Authentication Required', badauth)
|
||||
yield 'authentication required'
|
||||
return
|
||||
if authorized['code'] == 403:
|
||||
start_response(
|
||||
'403 Forbidden',
|
||||
[('Content-type', 'text/plain'),
|
||||
('WWW-Authenticate', 'Basic realm="confluent"')])
|
||||
start_response('403 Forbidden', badauth)
|
||||
yield 'authorization failed'
|
||||
return
|
||||
if authorized['code'] != 200:
|
||||
|
Loading…
Reference in New Issue
Block a user