Adding for handling proxy-based errors

2015-06-25 18:08:04 -07:00 · 2015-06-25 18:08:04 -07:00 · e2475fb024
parent 7c996e2f48
commit e2475fb024
2 changed files with 10 additions and 3 deletions
--- a/lemur/auth/service.py
+++ b/lemur/auth/service.py
@ -98,6 +98,10 @@ def login_required(f):

        try:
            token = request.headers.get('Authorization').split()[1]
+        except Exception as e:
+            return dict(message='Token is invalid'), 403
+
+        try:
            payload = jwt.decode(token, current_app.config['TOKEN_SECRET'])
        except jwt.DecodeError:
            return dict(message='Token is invalid'), 403
@ -108,7 +112,7 @@ def login_required(f):

        g.current_user = user_service.get(payload['sub'])

-        if not g.current_user.id:
+        if not g.current_user:
            return dict(message='You are not logged in'), 403

        # Tell Flask-Principal the identity changed
--- a/lemur/common/utils.py
+++ b/lemur/common/utils.py
@ -45,11 +45,14 @@ class marshal_items(object):

                return marshal(resp, self.fields)
            except Exception as e:
+                current_app.logger.exception(e)
                # this is a little weird hack to respect flask restful parsing errors on marshaled functions
                if hasattr(e, 'code'):
-                    return {'message': e.data['message']}, 400
+                    if hasattr(e, 'data'):
+                        return {'message': e.data['message']}, 400
+                    else:
+                        return {'message': 'unknown'}, 400
                else:
-                    current_app.logger.exception(e)
                    return {'message': e.message}, 400
        return wrapper