From f118413da7151822ab96de7eb6153bce50c14f81 Mon Sep 17 00:00:00 2001
From: Kristofer Hallin <kristofer@sunet.se>
Date: Fri, 26 Nov 2021 12:35:50 +0100
Subject: Require JWT token for the /delete endpoint.

---
 src/main.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/main.py b/src/main.py
index fef4050..ad8aada 100755
--- a/src/main.py
+++ b/src/main.py
@@ -156,7 +156,10 @@ async def add(data: Request, Authorize: AuthJWT = Depends()):
 
 
 @app.delete('/sc/v0/delete/{key}')
-async def delete(key):
+async def delete(key, Authorize: AuthJWT = Depends()):
+
+    Authorize.jwt_required()
+
     if db.delete(key) is None:
         return JSONResponse(content={"status": "error",
                                      "message": "Document not found"},
-- 
cgit v1.1