Add 401 if login fails

2022-11-04 14:40:32 -07:00 · 2022-11-04 14:40:32 -07:00 · b47c5d5f32
parent b1cbe02cc8
commit b47c5d5f32
1 changed files with 6 additions and 2 deletions
--- a/main.py
+++ b/main.py
@ -1,6 +1,7 @@
 import os

 from flask import Flask
+from flask import Response
 from flask import request
 from hvac import Client

@ -42,14 +43,17 @@ def login():
 </html>
 """
    elif request.method == "POST":
-        client = Client(VAULT_ADDR)
        username, password = request.form["username"], request.form["password"]
+
+        client = Client(VAULT_ADDR)
        client.auth.userpass.login(username, password)
-        assert client.is_authenticated()
+        if not client.is_authenticated():
+            return Response(response="Unauthorized", status=401)

        role = request.form.get("role")
        nomad_creds = client.read(f"nomad/creds/{role or NOMAD_ROLE}")
        nomad_token = nomad_creds["data"]["secret_id"]
+
        return f"""
 <html><head>
 <script>localStorage.setItem("nomadTokenSecret", "{nomad_token}"); window.location.replace("/ui/settings/tokens");</script>