Return a 401 when doing a login with bad credentials
This commit is contained in:
		
							parent
							
								
									ec396226c3
								
							
						
					
					
						commit
						0c44949017
					
				
					 1 changed files with 4 additions and 0 deletions
				
			
		|  | @ -103,6 +103,10 @@ def generate_registry_jwt(): | |||
|       'actions': actions, | ||||
|     }) | ||||
| 
 | ||||
|   elif user is None and token is None: | ||||
|     # In this case, we are doing an auth flow, and it's not an anonymous pull | ||||
|     return abort(401) | ||||
| 
 | ||||
|   token_data = { | ||||
|     'iss': app.config['JWT_AUTH_TOKEN_ISSUER'], | ||||
|     'aud': audience_param, | ||||
|  |  | |||
		Reference in a new issue