From ea3f8af1615cc5171f81d6fea4693a3042701eb2 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 7 Nov 2016 16:59:52 +0800
Subject: [PATCH] Fix pubkey auth bug

---
 apps/users/api.py   |  2 +-
 apps/users/utils.py | 10 ++++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/apps/users/api.py b/apps/users/api.py
index 13cb666be..611bcbc0a 100644
--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -140,4 +140,4 @@ class UserTokenApi(APIView):
             cache.set('%s_%s' % (user.id, remote_addr), token, self.expiration)
             return Response({'token': token, 'id': user.id, 'username': user.username, 'name': user.name})
         else:
-            return Response({'msg': 'Invalid password or public key or user is not active or expired'})
+            return Response({'msg': 'Invalid password or public key or user is not active or expired'}, status=401)
diff --git a/apps/users/utils.py b/apps/users/utils.py
index 129bc6d78..29eabceb0 100644
--- a/apps/users/utils.py
+++ b/apps/users/utils.py
@@ -187,8 +187,14 @@ def check_user_valid(**kwargs):
         return None
     if password and user.check_password(password):
         return user
-    if public_key and user.public_key == public_key:
-        return user
+    if public_key:
+        public_key_saved = user.public_key.split()
+        if len(public_key_saved) == 1:
+            if public_key == public_key_saved[0]:
+                return user
+        elif len(public_key_saved) > 1:
+            if public_key == public_key_saved[1]:
+                return user
     return None