redirect non logged in users

previously it'd show an error because non logged in users don't have the
can_use_webauthn attribute. now we can just bounce them to the sign-in
page
This commit is contained in:
Leo Hemsted
2021-08-13 18:21:52 +01:00
parent 0b27d7e0a9
commit b7e50fc638

View File

@@ -232,6 +232,7 @@ def user_profile_disable_platform_admin_view():
@main.route("/user-profile/security-keys", methods=['GET'])
@user_is_logged_in
def user_profile_security_keys():
if not current_user.can_use_webauthn:
abort(403)
@@ -251,6 +252,7 @@ def user_profile_security_keys():
methods=['GET'],
endpoint="user_profile_confirm_delete_security_key"
)
@user_is_logged_in
def user_profile_manage_security_key(key_id):
if not current_user.can_use_webauthn:
abort(403)
@@ -282,6 +284,7 @@ def user_profile_manage_security_key(key_id):
@main.route("/user-profile/security-keys/<uuid:key_id>/delete", methods=['POST'])
@user_is_logged_in
def user_profile_delete_security_key(key_id):
if not current_user.can_use_webauthn:
abort(403)