Merge pull request #64 from ral-facilities/61_return_401_for_no_crede…

…ntials

Handle no credentials

common/exceptions.py

@@ -14,6 +14,10 @@ class AuthenticationError(ApiError):
     pass
 
 
+class MissingCredentialsError(AuthenticationError):
+    pass
+
+
 class BadRequestError(ApiError):
     pass
 

common/helpers.py

@@ -7,7 +7,8 @@
 from sqlalchemy.exc import IntegrityError
 
 from common.database_helpers import QueryFilterFactory
-from common.exceptions import MissingRecordError, BadFilterError, AuthenticationError, BadRequestError
+from common.exceptions import MissingRecordError, BadFilterError, AuthenticationError, BadRequestError, \
+    MissingCredentialsError
 from common.models.db_models import SESSION
 from common.session_manager import session_manager
 
@@ -39,9 +40,12 @@ def wrapper_requires_session(*args, **kwargs):
                 log.info(" Could not authenticate consumer, closing DB session")
                 session.close()
                 return "Forbidden", 403
+        except MissingCredentialsError:
+            return "Unauthorized", 401
         except AuthenticationError:
             return "Forbidden", 403
 
+
     return wrapper_requires_session
 
 
@@ -89,7 +93,7 @@ def get_session_id_from_auth_header():
     args = parser.parse_args()
     auth_header = args["Authorization"].split(" ") if args["Authorization"] is not None else ""
     if auth_header == "":
-        return ""
+        raise MissingCredentialsError(f"No credentials provided in auth header")
     if len(auth_header) != 2 or auth_header[0] != "Bearer":
         raise AuthenticationError(f" Could not authenticate consumer with auth header {auth_header}")
     return auth_header[1]