Fix pubkey auth bug

ea3f8af1 · ibuler · a75e1db9 · ea3f8af1 · ea3f8af1
Commit ea3f8af1 authored Nov 07, 2016 by ibuler
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 3 deletions

api.py apps/users/api.py +1 -1

utils.py apps/users/utils.py +8 -2

No files found.
--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -140,4 +140,4 @@ class UserTokenApi(APIView):
            cache.set('%s_%s' % (user.id, remote_addr), token, self.expiration)
            return Response({'token': token, 'id': user.id, 'username': user.username, 'name': user.name})
        else:
-            return Response({'msg': 'Invalid password or public key or user is not active or expired'})
+            return Response({'msg': 'Invalid password or public key or user is not active or expired'}, status=401)
--- a/apps/users/utils.py
+++ b/apps/users/utils.py
@@ -187,8 +187,14 @@ def check_user_valid(**kwargs):
        return None
    if password and user.check_password(password):
        return user
-    if public_key and user.public_key == public_key:
-        return user
+    if public_key:
+        public_key_saved = user.public_key.split()
+        if len(public_key_saved) == 1:
+            if public_key == public_key_saved[0]:
+                return user
+        elif len(public_key_saved) > 1:
+            if public_key == public_key_saved[1]:
+                return user
    return None