1 files changed, 12 insertions, 8 deletions

diff --git a/src/mailman/rest/root.py b/src/mailman/rest/root.py
index 581879869..f34e0eb77 100644
--- a/src/mailman/rest/root.py
+++ b/src/mailman/rest/root.py
@@ -25,8 +25,8 @@ __all__ = [
     ]
 
 
-from restish import http, resource, guard
 from base64 import b64decode
+from restish import guard, http, resource
 
 from mailman.config import config
 from mailman.core.system import system
@@ -38,14 +38,17 @@ from mailman.rest.members import AllMembers
 
 
 def webservice_auth_checker(request, obj):
-    if "HTTP_AUTHORIZATION" in request.environ and request.environ["HTTP_AUTHORIZATION"].startswith("Basic "):
-        credentials = b64decode(request.environ["HTTP_AUTHORIZATION"][6:])
-        username, password = credentials.split(":", 1)
-
-        if username != config.webservice.admin_user or password != config.webservice.admin_pass:
-            raise guard.GuardError(str("User is not authorized for the REST api."))
+    auth = request.environ.get('HTTP_AUTHORIZATION', '')
+    if auth.startswith('Basic '):
+        credentials = b64decode(auth[6:])
+        username, password = credentials.split(':', 1)
+        if (username != config.webservice.admin_user or
+            password != config.webservice.admin_pass):
+            # Not authorized.
+            raise guard.GuardError(b'User is not authorized for the REST API')
     else:
-        raise guard.GuardError(str("The REST api requires authentication."))
+        raise guard.GuardError(b'The REST API requires authentication')
+
 
 class Root(resource.Resource):
     """The RESTful root resource.
@@ -61,6 +64,7 @@ class Root(resource.Resource):
     def api_version(self, request, segments):
         return TopLevel()
 
+
 class TopLevel(resource.Resource):
     """Top level collections and entries."""