Refactor token authentication: streamline bearer token validation and improve error handling

This commit is contained in:
Ross
2026-02-23 12:41:58 +00:00
parent a3ac91437f
commit c00e08d63e
+9 -5
View File
@@ -16,8 +16,8 @@ from pydicom.errors import InvalidDicomError
from generic.decorators import check_user_in_group
from generic.constants import Group
from ninja.security import django_auth
from ninja.security import HttpBearer, HttpError
from ninja.security import django_auth, HttpBearer
from ninja.errors import HttpError
from ninja import NinjaAPI, File
from ninja.files import UploadedFile
@@ -26,7 +26,6 @@ import secrets
from django.utils import timezone
from django.contrib.auth import authenticate
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.csrf import csrf_exempt
from django.middleware.csrf import CsrfViewMiddleware
from generic.models import Examination, Modality
@@ -420,10 +419,15 @@ def token_check(request):
auth = request.META.get("HTTP_AUTHORIZATION")
token_obj = None
# If header present, try TokenAuth path (this will set request.api_token)
# If header present, validate bearer token explicitly
if auth:
parts = auth.split()
if len(parts) != 2 or parts[0].lower() != "bearer":
return JsonResponse({"valid": False}, status=401)
token = parts[1]
try:
user = TokenAuth()(request)
bearer = BearerAuth()
user = bearer.authenticate(request, token)
token_obj = getattr(request, "api_token", None)
except HttpError:
return JsonResponse({"valid": False}, status=401)