From a85e8168101441dfd535c3391bc893527f43f4ac Mon Sep 17 00:00:00 2001 From: Tom Hacohen Date: Wed, 9 Sep 2020 17:07:32 +0300 Subject: [PATCH] User not found: return a 401 instead of a 404. --- django_etebase/views.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/django_etebase/views.py b/django_etebase/views.py index 97cb2f0..7a6ea7d 100644 --- a/django_etebase/views.py +++ b/django_etebase/views.py @@ -30,6 +30,7 @@ from rest_framework.decorators import action as action_decorator from rest_framework.response import Response from rest_framework.parsers import JSONParser, FormParser, MultiPartParser from rest_framework.renderers import BrowsableAPIRenderer +from rest_framework.exceptions import AuthenticationFailed import nacl.encoding import nacl.signing @@ -654,7 +655,11 @@ class AuthenticationViewSet(viewsets.ViewSet): def get_login_user(self, username): kwargs = {User.USERNAME_FIELD: username.lower()} - return get_object_or_404(self.get_queryset(), **kwargs) + try: + return self.get_queryset().get(**kwargs) + except User.DoesNotExist: + raise AuthenticationFailed({'code': 'user_not_found', 'detail': 'User not found'}) + def validate_login_request(self, request, validated_data, response_raw, signature, expected_action): from datetime import datetime