[Hardening] Do not overwrite 'Authorization' header if already exists…

… on the request headers

geonode/utils.py

@@ -251,7 +251,7 @@ def get_headers(request, url, raw_url, allowed_hosts=[]):
             else:
                 access_token = get_or_create_token(request.user)
 
-    if access_token:
+    if 'Authorization' not in headers and access_token:
         headers['Authorization'] = 'Bearer %s' % access_token
 
     pragma = "no-cache"