From 87deafa8caa36f4e10cc704a325700a94c7fb04e Mon Sep 17 00:00:00 2001
From: Johan Lundberg <lundberg@nordu.net>
Date: Thu, 23 Oct 2014 13:09:19 +0200
Subject: Do not even try to authenticate if settings are missing or the user
 is not in settings.

---
 meetingtools/apps/auth/utils.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'meetingtools/apps/auth')

diff --git a/meetingtools/apps/auth/utils.py b/meetingtools/apps/auth/utils.py
index c792b4a..ab22340 100644
--- a/meetingtools/apps/auth/utils.py
+++ b/meetingtools/apps/auth/utils.py
@@ -27,8 +27,11 @@ def groups(request):
 def report_auth(request):
     auth_data = request.META.get('HTTP_X_REPORT_AUTH', None)
     if auth_data and ':' in auth_data:
-        report_users = getattr(django_settings, 'REPORT_USERS')
-        requester, key = auth_data.split(':')
-        if report_users[requester]['key'] == key:
-            return report_users[requester]
+        try:
+            report_users = getattr(django_settings, 'REPORT_USERS')
+            requester, key = auth_data.split(':')
+            if report_users[requester]['key'] == key:
+                return report_users[requester]
+        except (AttributeError, KeyError):
+            pass
     return False
\ No newline at end of file
-- 
cgit v1.1