VladPolskiy/postgres-web
1
0
Fork 0
mirror of https://github.com/postgres/pgweb.git synced 2025-08-12 23:05:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Force login before giving community auth consent

Browse Source 
In the normal workflow this would always happen, but if the user got to
the page without being logged in (probably most likely to happen if the
session timed out while waiting to proceed) we would crash on trying to
create an invalid consent record. Instead, force a re-login in this
case.
This commit is contained in:
Magnus Hagander
2018-06-25 16:43:59 +02:00
parent ff1222337a
commit c597b0288c
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pgweb/account/views.py
View File

@ -538,6 +538,7 @@ def communityauth_logout(request, siteid):
# Redirect user back to the specified suburl
return HttpResponseRedirect("%s?s=logout" % site.redirecturl)
@login_required
def communityauth_consent(request, siteid):
org = get_object_or_404(CommunityAuthSite, id=siteid).org
if request.method == 'POST':