Mercurial > kallithea

diff rhodecode/controllers/api/__init__.py @ 1693:60249224be04 beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix for api key lookup, reuse same function in user model
author Marcin Kuzminski <marcin@python-works.com>
date Thu, 17 Nov 2011 18:52:48 +0200
parents fe5575f95850
children fee9895fa46e
line wrap: on
line diff
--- a/rhodecode/controllers/api/__init__.py	Thu Nov 17 18:33:44 2011 +0200
+++ b/rhodecode/controllers/api/__init__.py	Thu Nov 17 18:52:48 2011 +0200
@@ -114,7 +114,7 @@
             return jsonrpc_error(message="JSON parse error ERR:%s RAW:%r" \
                                  % (e, urllib.unquote_plus(raw_body)))
 
-        #check AUTH based on API KEY
+        # check AUTH based on API KEY
         try:
             self._req_api_key = json_body['api_key']
             self._req_method = json_body['method']
@@ -125,9 +125,11 @@
         except KeyError, e:
             return jsonrpc_error(message='Incorrect JSON query missing %s' % e)
 
-        #check if we can find this session using api_key
+        # check if we can find this session using api_key
         try:
             u = User.get_by_api_key(self._req_api_key)
+            if u is None:
+                return jsonrpc_error(message='Invalid API KEY')
             auth_u = AuthUser(u.user_id, self._req_api_key)
         except Exception, e:
             return jsonrpc_error(message='Invalid API KEY')