From d9894415875fb3628ca21c7cb0f83f48b04c19d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?dni=20=E2=9A=A1?= Date: Sat, 13 Aug 2022 14:47:29 +0200 Subject: [PATCH] added test for issue #847 and fixed it! (#848) * added test for empty post data, for issue #847 * black * fixed the failing testcase * Update lnbits/decorators.py Co-authored-by: calle <93376500+callebtc@users.noreply.github.com> Co-authored-by: dni Co-authored-by: calle <93376500+callebtc@users.noreply.github.com> --- lnbits/decorators.py | 8 +++++++- tests/core/views/test_api.py | 7 +++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/lnbits/decorators.py b/lnbits/decorators.py index 6685cfb2d..090c11c51 100644 --- a/lnbits/decorators.py +++ b/lnbits/decorators.py @@ -199,7 +199,13 @@ async def require_invoice_key( api_key_header: str = Security(api_key_header), # type: ignore api_key_query: str = Security(api_key_query), # type: ignore ): - token = api_key_header if api_key_header else api_key_query + token = api_key_header or api_key_query + + if token is None: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail="Invoice (or Admin) key required.", + ) wallet = await get_key_type(r, token) diff --git a/tests/core/views/test_api.py b/tests/core/views/test_api.py index 501379b8f..219762d3c 100644 --- a/tests/core/views/test_api.py +++ b/tests/core/views/test_api.py @@ -45,6 +45,13 @@ async def test_get_wallet_adminkey(client, adminkey_headers_to): assert "id" in result +# check POST /api/v1/payments: empty request +@pytest.mark.asyncio +async def test_post_empty_request(client): + response = await client.post("/api/v1/payments") + assert response.status_code == 401 + + # check POST /api/v1/payments: invoice creation @pytest.mark.asyncio async def test_create_invoice(client, inkey_headers_to):