amorfo77/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2026-06-25 06:44:19 +00:00
Code Issues Projects Releases Wiki Activity

Fixhancement: only offer basic auth for appropriate requests (#12362)

Browse Source
This commit is contained in:
shamoon
2026-03-16 22:07:12 -07:00
committed by GitHub
parent 1e00ad5f30
commit 7942edfdf4
5 changed files with 213 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/documents/tests/test_api_status.py
+7
View File
@@ -57,11 +57,18 @@ class TestSystemStatus(APITestCase):
"""
response = self.client.get(self.ENDPOINT)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
self.assertEqual(response["WWW-Authenticate"], "Token")
normal_user = User.objects.create_user(username="normal_user")
self.client.force_login(normal_user)
response = self.client.get(self.ENDPOINT)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_system_status_with_bad_basic_auth_challenges(self) -> None:
self.client.credentials(HTTP_AUTHORIZATION="Basic invalid")
response = self.client.get(self.ENDPOINT)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
self.assertEqual(response["WWW-Authenticate"], 'Basic realm="api"')
def test_system_status_container_detection(self):
"""
GIVEN: