From b47c5d5f321c34bc0247c5da28610ce485d1bc04 Mon Sep 17 00:00:00 2001
From: Ian Fijolek <ian@iamthefij.com>
Date: Fri, 4 Nov 2022 14:40:32 -0700
Subject: [PATCH] Add 401 if login fails

---
 main.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/main.py b/main.py
index 329ba04..8f5bd78 100644
--- a/main.py
+++ b/main.py
@@ -1,6 +1,7 @@
 import os
 
 from flask import Flask
+from flask import Response
 from flask import request
 from hvac import Client
 
@@ -42,14 +43,17 @@ def login():
 </html>
 """
     elif request.method == "POST":
-        client = Client(VAULT_ADDR)
         username, password = request.form["username"], request.form["password"]
+
+        client = Client(VAULT_ADDR)
         client.auth.userpass.login(username, password)
-        assert client.is_authenticated()
+        if not client.is_authenticated():
+            return Response(response="Unauthorized", status=401)
 
         role = request.form.get("role")
         nomad_creds = client.read(f"nomad/creds/{role or NOMAD_ROLE}")
         nomad_token = nomad_creds["data"]["secret_id"]
+
         return f"""
 <html><head>
 <script>localStorage.setItem("nomadTokenSecret", "{nomad_token}"); window.location.replace("/ui/settings/tokens");</script>