Merge pull request #954 from jakedt/badcreds
Return a 401 when doing a login with bad credentials
This commit is contained in:
Jake Moshenko
commit
4c3e41984d
1 changed files with 4 additions and 0 deletions
|
|
@ -103,6 +103,10 @@ def generate_registry_jwt():
|
|||
'actions': actions,
|
||||
})
|
||||
|
||||
elif user is None and token is None:
|
||||
# In this case, we are doing an auth flow, and it's not an anonymous pull
|
||||
return abort(401)
|
||||
|
||||
token_data = {
|
||||
'iss': app.config['JWT_AUTH_TOKEN_ISSUER'],
|
||||
'aud': audience_param,
|
||||
|
|
|
|||
Reference in a new issue