Commit 06807c69 authored by BAIRE Anthony's avatar BAIRE Anthony

mandate minimum token size

parent 7fb868df
......@@ -11,6 +11,9 @@ from .tokens import Token
log = logging.getLogger('jwt')
# tokens below this size will automatically be rejected (to prevent any
# misconfiguration)
MIN_TOKEN_SIZE = 32
@csrf_exempt
def registry_manifest(request, repo, tag):
......@@ -142,6 +145,9 @@ def jwt_auth(request):
username, password = base64.b64decode(credentials).decode('utf-8').split(':', 1)
#log.debug('HTTP_AUTHORIZATION %s username %s', auth_header, username)
if username == "$token":
if len(password) < MIN_TOKEN_SIZE:
log.info("provided token is too short")
return HttpResponse(status=401)
try:
actor = Runner.objects.get(token=password)
log.info("Token for runner called")
......
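Review bot: The new length guard in the `$token` branch of jwt_auth only rejects short values at request time; it does not stop a Runner row from being stored with an empty or short token, and any other lookup by token outside this hunk would presumably still match such a row. If the model is under this project's control, enforcing the same minimum where tokens are created or saved (for example a length validator on the token field) would close the misconfiguration at its source. The comment on `MIN_TOKEN_SIZE` could also state the unit and intent, e.g. `# minimum token length in characters; shorter values (including an empty token left by misconfiguration) are rejected before any database lookup`. jwt_auth starts and ends outside the hunk, so whether its other credential branches need the same guard cannot be seen here.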