From fc4a46bd9cec3c2526d5edeaa751da4b50a206b9 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Fri, 17 Jan 2020 11:16:23 +0100
Subject: [PATCH] root: fix credential variables overwriting each other

---
 passbook/root/monitoring.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/passbook/root/monitoring.py b/passbook/root/monitoring.py
index 05e82a90d..b0f95ed45 100644
--- a/passbook/root/monitoring.py
+++ b/passbook/root/monitoring.py
@@ -13,11 +13,11 @@ class MetricsView(View):
     def get(self, request: HttpRequest) -> HttpResponse:
         """Check for HTTP-Basic auth"""
         auth_header = request.META.get("HTTP_AUTHORIZATION", "")
-        auth_type, _, credentials = auth_header.partition(" ")
+        auth_type, _, given_credentials = auth_header.partition(" ")
         credentials = f"monitor:{settings.SECRET_KEY}"
         expected = b64encode(str.encode(credentials)).decode()
 
-        if auth_type != "Basic" or credentials != expected:
+        if auth_type != "Basic" or given_credentials != expected:
             response = HttpResponse(status=401)
             response['WWW-Authenticate'] = 'Basic realm="passbook-monitoring"'
             return response