Skip to content

Commit

Permalink
Optionally pass HTTP status code to error callback
Browse files Browse the repository at this point in the history
  • Loading branch information
miguelgrinberg committed Apr 26, 2020
1 parent 51748c2 commit fc8bcd6
Showing 1 changed file with 12 additions and 5 deletions.
17 changes: 12 additions & 5 deletions flask_httpauth.py
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,8 @@ def __init__(self, scheme=None, realm=None):
def default_get_password(username):
return None

def default_auth_error():
return "Unauthorized Access"
def default_auth_error(status):
return "Unauthorized Access", status

self.get_password(default_get_password)
self.error_handler(default_auth_error)
Expand Down Expand Up @@ -133,12 +133,19 @@ def decorated(*args, **kwargs):
if request.method != 'OPTIONS': # pragma: no cover
password = self.get_auth_password(auth)

status = None
user = self.authenticate(auth, password)
if user in (False, None) or not self.authorize(
role, user, auth):
if user in (False, None):
status = 401
elif not self.authorize(role, user, auth):
status = 403
if status:
# Clear TCP receive buffer of any pending data
request.data
return self.auth_error_callback()
try:
return self.auth_error_callback(status)
except TypeError:
return self.auth_error_callback()

g.flask_httpauth_user = user if user is not True \
else auth.username if auth else None
Expand Down

0 comments on commit fc8bcd6

Please sign in to comment.