Fix for #74 do not fail with empty request to /auth in simple.py , also using request.get_json()

reiven · reiven · commit b57c2cfc17ab · 2017-08-01T18:08:24.000-03:00
diff --git a/examples/simple.py b/examples/simple.py
@@ -13,15 +13,19 @@
 # function is used to actually generate the token
 @app.route('/login', methods=['POST'])
 def login():
-    username = request.json.get('username', None)
-    password = request.json.get('password', None)
-    if username != 'test' or password != 'test':
-        return jsonify({"msg": "Bad username or password"}), 401
-
-    # Identity can be any data that is json serializable
-    ret = {'access_token': create_access_token(identity=username)}
-    return jsonify(ret), 200
-
+    if request.is_json:
+        params = request.get_json()
+        if 'username' in params.keys() and 'password' in params.keys():
+            if params['username'] != 'test' or params['password'] != 'test':
+                return jsonify({"msg": "Bad username or password"}), 401
+        else:
+            return jsonify({"msg": "Missing auth parameters"}), 401
+
+        # Identity can be any data that is json serializable
+        ret = {'access_token': create_access_token(identity=params['username'])}
+        return jsonify(ret), 200
+    else:
+        return jsonify({"msg": "Missing auth"}), 401
 
 # Protect a view with jwt_required, which requires a valid access token
 # in the request to access.
