fastapi_auth_partner: raise the right http code when cookies is invalid

akretion · Jun 27, 2024 · 2089603 · 2089603
1 parent db93644
commit 2089603
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/fastapi_auth_partner/dependencies.py b/fastapi_auth_partner/dependencies.py
@@ -48,9 +48,13 @@ def __call__(
 
         elif fastapi_auth_partner:
             directory = endpoint.sudo().directory_id
-            vals = URLSafeTimedSerializer(directory.cookie_secret_key).loads(
-                fastapi_auth_partner, max_age=directory.cookie_duration * 60
-            )
+            try:
+                vals = URLSafeTimedSerializer(directory.cookie_secret_key).loads(
+                    fastapi_auth_partner, max_age=directory.cookie_duration * 60
+                )
+            except Exception as e:
+                _logger.error("Invalid cookies error %s", e)
+                raise HTTPException(status_code=HTTP_401_UNAUTHORIZED) from e
             if vals["did"] == directory.id and vals["pid"]:
                 partner = env["res.partner"].browse(vals["pid"]).exists()
                 if partner: