diff options
| author | Pinapelz <yukais@pinapelz.com> | 2023-12-14 09:13:02 -0800 |
|---|---|---|
| committer | Pinapelz <yukais@pinapelz.com> | 2023-12-14 09:13:02 -0800 |
| commit | 4be8da0a6550d0486ff6ad1266736994d36bdb1d (patch) | |
| tree | 3daf002c3b1113436bd140ee32b201fd066bad8e /api | |
| parent | 68489728b7b90fb4382964060ea5707a5c43ddea (diff) | |
fix: remove auth validation from /clear_sessions
- Prevents cron job from running
Diffstat (limited to 'api')
| -rw-r--r-- | api/app.py | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -211,9 +211,9 @@ def verify_answers(): @app.route("/api/clear_sessions") def clear_sessions(): auth = request.headers.get("Authorization") - stored_auth = os.environ.get("AUTHORIZATION") cron_secret = os.environ.get("CRON_SECRET") - if auth != stored_auth or auth != cron_secret: + print("Checking if " + auth + " matches " + cron_secret) + if auth.strip() != cron_secret.strip(): return jsonify({"error": "Unauthorized"}), 401 server = create_database_connection() if server.check_health() is False: |