From a36e233051b35d3ca44b5bd38f8f6262c16c1833 Mon Sep 17 00:00:00 2001
From: rubenwardy <rw@rubenwardy.com>
Date: Tue, 19 May 2020 17:24:57 +0100
Subject: Fix API auth crash and add more error messages

---
 app/blueprints/api/endpoints.py | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'app/blueprints/api/endpoints.py')

diff --git a/app/blueprints/api/endpoints.py b/app/blueprints/api/endpoints.py
index 65af3b0..29a9ec2 100644
--- a/app/blueprints/api/endpoints.py
+++ b/app/blueprints/api/endpoints.py
@@ -143,19 +143,21 @@ def markdown():
 @is_package_page
 @is_api_authd
 def create_release(token, package):
+	if not token:
+		error(401, "Authentication needed")
+
 	if not package.checkPerm(token.owner, Permission.APPROVE_RELEASE):
-		return error(403, "You do not have the permission to approve releases")
+		error(403, "You do not have the permission to approve releases")
 
 	json = request.json
 	if json is None:
-		return error(400, "JSON post data is required")
+		error(400, "JSON post data is required")
 
 	for option in ["method", "title", "ref"]:
 		if json.get(option) is None:
-			return error(400, option + " is required in the POST data")
-
+			error(400, option + " is required in the POST data")
 
 	if json["method"].lower() != "git":
-		return error(400, "Release-creation methods other than git are not supported")
+		error(400, "Release-creation methods other than git are not supported")
 
 	return handleCreateRelease(token, package, json["title"], json["ref"])
-- 
cgit v1.2.3