diff options
| author | Pinapelz <yukais@pinapelz.com> | 2023-11-06 19:38:36 -0800 |
|---|---|---|
| committer | Pinapelz <yukais@pinapelz.com> | 2023-11-06 19:38:36 -0800 |
| commit | e300f3081f1565cce8224a0c7d08ec1497049e4a (patch) | |
| tree | b19c347479b38e5fdee5a4dceb3cc02a9ceef5b0 | |
| parent | d89e202a31557e3cbdebc91b7d5eeff70c902b14 (diff) | |
add checking cron secret as part of header
| -rw-r--r-- | api/app.py | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -212,7 +212,8 @@ def verify_answers(): def clear_sessions(): auth = request.headers.get("Authorization") stored_auth = os.environ.get("AUTHORIZATION") - if auth != stored_auth: + cron_secret = os.environ.get("CRON_SECRET") + if auth != stored_auth or auth != cron_secret: return jsonify({"error": "Unauthorized"}), 401 server = create_database_connection() if server.check_health() is False: |