From 4be8da0a6550d0486ff6ad1266736994d36bdb1d Mon Sep 17 00:00:00 2001
From: Pinapelz <yukais@pinapelz.com>
Date: Thu, 14 Dec 2023 09:13:02 -0800
Subject: fix: remove auth validation from /clear_sessions - Prevents cron job
 from running

---
 api/app.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/app.py b/api/app.py
index 37fe900..d0c2f48 100644
--- a/api/app.py
+++ b/api/app.py
@@ -211,9 +211,9 @@ def verify_answers():
 @app.route("/api/clear_sessions")
 def clear_sessions():
     auth = request.headers.get("Authorization")
-    stored_auth = os.environ.get("AUTHORIZATION")
     cron_secret = os.environ.get("CRON_SECRET")
-    if auth != stored_auth or auth != cron_secret:
+    print("Checking if " + auth + " matches " + cron_secret)
+    if auth.strip() != cron_secret.strip():
         return jsonify({"error": "Unauthorized"}), 401
     server = create_database_connection()
     if server.check_health() is False:
-- 
cgit v1.2.3