Feat: explore apps (#196)

api/controllers/web/wraps.py

@@ -42,13 +42,16 @@ def validate_and_get_site():
     """
     auth_header = request.headers.get('Authorization')
     if auth_header is None:
-        raise Unauthorized()
+        raise Unauthorized('Authorization header is missing.')
+
+    if ' ' not in auth_header:
+        raise Unauthorized('Invalid Authorization header format. Expected \'Bearer <api-key>\' format.')
 
     auth_scheme, auth_token = auth_header.split(None, 1)
     auth_scheme = auth_scheme.lower()
 
     if auth_scheme != 'bearer':
-        raise Unauthorized()
+        raise Unauthorized('Invalid Authorization header format. Expected \'Bearer <api-key>\' format.')
 
     site = db.session.query(Site).filter(
         Site.code == auth_token,