Return a 401 when doing a login with bad credentials
This commit is contained in:
Jake Moshenko
parent
ec396226c3
commit
0c44949017
1 changed files with 4 additions and 0 deletions
|
|
@ -103,6 +103,10 @@ def generate_registry_jwt():
|
||||||
'actions': actions,
|
'actions': actions,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
elif user is None and token is None:
|
||||||
|
# In this case, we are doing an auth flow, and it's not an anonymous pull
|
||||||
|
return abort(401)
|
||||||
|
|
||||||
token_data = {
|
token_data = {
|
||||||
'iss': app.config['JWT_AUTH_TOKEN_ISSUER'],
|
'iss': app.config['JWT_AUTH_TOKEN_ISSUER'],
|
||||||
'aud': audience_param,
|
'aud': audience_param,
|
||||||
|
|
|
||||||
Reference in a new issue