CORD-2922 require authentication for all XOS APIs Change-Id: Ie1d5ca8a36fa2ba68bf581bd90f2e72d6c78fa20

commit: 31b01c4e0f631c63b49e093f0bd55f57631a5d11 [log] [tgz]
author: Scott Baker <smbaker@gmail.com> Tue Apr 24 09:17:39 2018 -0700
committer: Scott Baker <scottb@onlab.us> Wed Apr 25 16:47:22 2018 +0000
tree: 44ce56772e467a7a537d001e0d192270b9e52349
parent: 23d8c1ecfd7f9d2e48e48f3d3251df4671118f34 [diff]
diff --git a/xos/coreapi/apihelper.py b/xos/coreapi/apihelper.py
index 3bb2abb..cef1327 100644
--- a/xos/coreapi/apihelper.py
+++ b/xos/coreapi/apihelper.py

@@ -612,7 +612,7 @@
             log.exception("Exception in apihelper.filter")
             raise
 
-    def authenticate(self, context, required=False):
+    def authenticate(self, context, required=True):
         for (k, v) in context.invocation_metadata():
             if (k.lower() == "authorization"):
                 (method, auth) = v.split(" ", 1)
@@ -633,10 +633,10 @@
                     raise XOSPermissionDenied(
                         "failed to authenticate token %s" % v)
                 user = User.objects.get(id=id)
-                print "authenticated sessionid %s as %s" % (v, user)
+                log.info("authenticated sessionid %s as %s" % (v, user))
                 return user
 
         if required:
-            raise XOSPermissionDenied("This API requires authentication")
+            raise XOSNotAuthenticated("This API requires authentication")
 
         return None
commit	31b01c4e0f631c63b49e093f0bd55f57631a5d11	[log] [tgz]
author	Scott Baker <smbaker@gmail.com>	Tue Apr 24 09:17:39 2018 -0700
committer	Scott Baker <scottb@onlab.us>	Wed Apr 25 16:47:22 2018 +0000
tree	44ce56772e467a7a537d001e0d192270b9e52349
parent	23d8c1ecfd7f9d2e48e48f3d3251df4671118f34 [diff]