From 5ad871f1248027fba718ff0e5fda0a3dcd247751 Mon Sep 17 00:00:00 2001 From: William Colmenares Date: Thu, 16 May 2019 16:35:44 -0400 Subject: [PATCH] updated for read vm realm --- dynamicweb/settings/base.py | 2 +- hosting/views.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dynamicweb/settings/base.py b/dynamicweb/settings/base.py index 27909813..1051c4ab 100644 --- a/dynamicweb/settings/base.py +++ b/dynamicweb/settings/base.py @@ -721,7 +721,7 @@ X_FRAME_OPTIONS = ('SAMEORIGIN' if X_FRAME_OPTIONS_ALLOW_FROM_URI is None else DEBUG = bool_env('DEBUG') -ACCOUNT_NAME = env('ACCOUNT_NAME') +READ_VM_REALM = env('READ_VM_REALM') AUTH_NAME = env('AUTH_NAME') AUTH_SEED = env('AUTH_SEED') AUTH_REALM = env('AUTH_REALM') diff --git a/hosting/views.py b/hosting/views.py index 88adaf22..cd6aa4f3 100644 --- a/hosting/views.py +++ b/hosting/views.py @@ -1773,7 +1773,7 @@ class CheckUserVM(APIView): user = request.data['user'] realm = request.data['realm'] token = request.data['token'] - if user != settings.ACCOUNT_NAME: + if realm != settings.READ_VM_REALM: return Response("User not allowed", 403) response = check_otp(user, realm, token) if response != 200: