#4: Change how POST checks are done.

ral-facilities · Jun 18, 2019 · 0cc96d2 · 0cc96d2
1 parent 08fc3e6
commit 0cc96d2
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/resources/non_entities/sessions_endpoints.py b/src/resources/non_entities/sessions_endpoints.py
@@ -15,9 +15,9 @@ def post(self):
         Generates a sessionID if the user has correct credentials
         :return: String - SessionID
         """
-        if request.data == b"":  # request.data returns a byte object, it can only be checked for empty like this
-            return "Unauthorized", 401
-        if request.json == {"username": "user", "password": "password"}:
+        if not (request.data and "username" in request.json and "password" in request.json):
+            return "Bad request", 400
+        if request.json["username"] == "user" and request.json["password"] == "password":
             session_id = str(uuid.uuid1())
             insert_row_into_table(SESSION(ID=session_id))
             return {"sessionID": session_id}, 201