From f4c52e30cc86c8d54cfaa04aadec46068ed95771 Mon Sep 17 00:00:00 2001
From: Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
Date: Fri, 25 Sep 2020 20:25:38 +0530
Subject: [PATCH] Added Token Validation for test upload api

Issue-ID: DOVETAIL-801
Signed-off-by: Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
Change-Id: I4e4d4c5fdbb16ebf79a039039bd16fa59dbb04e1
---
 opnfv_testapi/resources/test_handlers.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/opnfv_testapi/resources/test_handlers.py b/opnfv_testapi/resources/test_handlers.py
index 36c4e8b..d4fc445 100644
--- a/opnfv_testapi/resources/test_handlers.py
+++ b/opnfv_testapi/resources/test_handlers.py
@@ -440,9 +440,13 @@ class TestsUploadDataHandler(GenericTestHandler):
             @raise 404: pod/project/testcase not exist
             @raise 400: body/pod_name/project_name/case_name not provided
         """
+        token = self.get_secure_cookie("token")
         openid = self.request.headers._dict['Openid']
         if openid:
             self.json_args['owner'] = openid
+        input_token = self.request.headers._dict['Token']
+        if not input_token or not input_token == token:
+            raises.Unauthorized(message.invalid_token())
 
         self._post()
 
-- 
2.16.6