diff options
| -rw-r--r-- | ishtar_common/views.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ishtar_common/views.py b/ishtar_common/views.py index e4846e824..545c4a413 100644 --- a/ishtar_common/views.py +++ b/ishtar_common/views.py @@ -52,6 +52,7 @@ from django.http import ( Http404, HttpResponseRedirect, HttpResponseBadRequest, + HttpResponseForbidden, JsonResponse, ) from django.shortcuts import redirect, render, get_object_or_404 @@ -1598,7 +1599,7 @@ def gis_create_token(request, request_key, app_key): # prevent brut force of bots? q = models_rest.UserRequestToken.objects.filter(key=request_key) if not q.count(): - return HttpResponse(content_type="text/plain") + return HttpResponseForbidden() client_ip, __ = get_client_ip(request) token = q.all()[0].generate_token(app_key, from_ip=client_ip) return HttpResponse((token and token.key[7:]) or "", content_type="text/plain") |