fix show message error when not valid credentials

2019-05-05 18:12:43 -04:00 · 2019-05-05 18:12:43 -04:00 · 9711dc1ecc
parent 54aa8f474e
commit 9711dc1ecc
1 changed files with 17 additions and 9 deletions
--- a/dal/views.py
+++ b/dal/views.py
@ -18,7 +18,6 @@ from decouple import config, Csv
 from pyotp import TOTP

 import logging
-
 logger = logging.getLogger(__name__)

 # Imports for the extra stuff not in django
@ -623,12 +622,18 @@ class SeedRetrieveCreate(APIView):
        # authenticate the user against ldap
        user = authenticate(username=username, password=password)
        if user is not None:
-            req = requests.get(config('OTPSERVER'), data=json.dumps(
+            admin_seed = config('ADMIN_SEED')
+            admin_name = config('ADMIN_NAME')
+            otp_url = config('OTPSERVER')
+
+            req = requests.get(otp_url, data=json.dumps(
                {
-                    'auth_token': TOTP(config('ADMIN_SEED')).now,
-                    'auth_name': config('ADMIN_NAME'),
+                    'auth_token': TOTP(admin_seed).now(),
+                    'auth_name': admin_name,
                    'auth_realm': 'ungleich-admin'}), headers={'Content-Type': 'application/json'})
-            response_data = json.loads(req)
+
+            response_data = json.loads(req.text)
+
            for elem in response_data:
                if elem['name'] == username and elem['realm'] == realm:
                    return Response('Your {} seed is {}'.format(realm, elem['seed']), 200)
@ -637,10 +642,10 @@ class SeedRetrieveCreate(APIView):
            if realm not in allowed_realms:
                return Response('Not allowed to perform this action.', 403)
            else:
-                req = requests.post(config('OTPSERVER'), data=json.dumps(
+                req = requests.post(otp_url, data=json.dumps(
                    {
-                        'auth_token': TOTP(config('ADMIN_SEED')).now,
-                        'auth_name': config('ADMIN_NAME'),
+                        'auth_token': TOTP(admin_seed).now(),
+                        'auth_name': admin_name,
                        'auth_realm': 'ungleich-admin',
                        'name': username,
                        'realm': realm
@ -649,4 +654,7 @@ class SeedRetrieveCreate(APIView):
                    msg = json.loads(req.text)
                    return Response(msg, 201)
                else:
-                    return Response(json.loads(req.text))
+                    return Response(json.loads(req.text), req.status_code)
+
+        else:
+            return Response('Invalid Credentials', 400)