Added Token Validation for test upload api

author Kanagaraj Manickam <kanagaraj.manickam@huawei.com>

Fri, 25 Sep 2020 14:55:38 +0000 (20:25 +0530)

committer Kanagaraj Manickam <kanagaraj.manickam@huawei.com>

Mon, 19 Oct 2020 16:49:56 +0000 (22:19 +0530)
author Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
Fri, 25 Sep 2020 14:55:38 +0000 (20:25 +0530)
committer Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
Mon, 19 Oct 2020 16:49:56 +0000 (22:19 +0530)
diff --git a/opnfv_testapi/resources/test_handlers.py b/opnfv_testapi/resources/test_handlers.py

index 36c4e8b..d4fc445 100644 (file)
--- a/opnfv_testapi/resources/test_handlers.py
+++ b/opnfv_testapi/resources/test_handlers.py
@@ -440,9 +440,13 @@ class TestsUploadDataHandler(GenericTestHandler):
              @raise 404: pod/project/testcase not exist
              @raise 400: body/pod_name/project_name/case_name not provided
          """
+        token = self.get_secure_cookie("token")
          openid = self.request.headers._dict['Openid']
          if openid:
              self.json_args['owner'] = openid
+        input_token = self.request.headers._dict['Token']
+        if not input_token or not input_token == token:
+            raises.Unauthorized(message.invalid_token())
  
          self._post()
author	Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
	Fri, 25 Sep 2020 14:55:38 +0000 (20:25 +0530)
committer	Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
	Mon, 19 Oct 2020 16:49:56 +0000 (22:19 +0530)