I wrote a simple check in django that requires the access token to be passed in some requests (I use a decorator).
authorization = request.META.get('HTTP_AUTHORIZATION', None)
form = AccessTokenForm({ 'access_token': authorization })
if not form.is_valid():
raise exceptions.HttpDeniedException()
This works fine with the django development server, but lately I deployed it using Apache and now it no longer works as a variable authorisation None. Has anyone come across something similar before? The client passes the header as Authorization; again, this works fine in localhost, but not on the remote server.
Edit: I found this one and it seems like it should work, but it is not. In fact, I didnβt even have a .htaccess file, and adding it did not seem to have any effect at all. Here is the content:
RewriteEngine On
RewriteRule ^(media/.*)$ - [L]
RewriteRule ^(static/.*)$ - [L]
RewriteCond %{REQUEST_URL} !(dispatch.fcgi)
RewriteRule ^(.*)$ dispatch.fcgi/$1 [QSA,L,E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
The fact is, I'm not even sure that Apache uses this at all.