Strip leading and trailing spaces from username in login route (#5104)

* Update gradio/routes.py * Update test/test_routes.py * consolidate test * add changeset * update sweep yaml --------- Co-authored-by: sweep-ai[bot] <128439645+sweep-ai[bot]@users.noreply.github.com> Co-authored-by: Abubakar Abid <abubakar@huggingface.co> Co-authored-by: gradio-pr-bot <gradio-pr-bot@users.noreply.github.com>
gradio-app · Aug 4, 2023 · 34f6b22 · 34f6b22 · vercel · Aug 4, 2023
1 parent 37caa2e
commit 34f6b22
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 2 deletions.
diff --git a/.changeset/tender-swans-trade.md b/.changeset/tender-swans-trade.md
@@ -0,0 +1,5 @@
+---
+"gradio": minor
+---
+
+feat:Strip leading and trailing spaces from username in login route
diff --git a/gradio/routes.py b/gradio/routes.py
@@ -221,7 +221,7 @@ def app_id(request: fastapi.Request) -> dict:
         @app.post("/login")
         @app.post("/login/")
         def login(form_data: OAuth2PasswordRequestForm = Depends()):
-            username, password = form_data.username, form_data.password
+            username, password = form_data.username.strip(), form_data.password
             if app.auth is None:
                 return RedirectResponse(url="/", status_code=status.HTTP_302_FOUND)
             if (

diff --git a/sweep.yaml b/sweep.yaml
@@ -1,2 +1,2 @@
 # Reference: https://github.com/sweepai/sweep/blob/main/sweep.yaml
-branch: dev
+branch: main
diff --git a/test/test_routes.py b/test/test_routes.py
@@ -465,6 +465,12 @@ def test_post_login(self):
         )
         assert response.status_code == 400
 
+        response = client.post(
+            "/login",
+            data={"username": " test ", "password": "correct_password"},
+        )
+        assert response.status_code == 200
+
 
 class TestQueueRoutes:
     @pytest.mark.asyncio