mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-05-27 09:29:22 -04:00
e864100be7
flashes are consumed by the jinja template calling get_flashed_messages in flash_messages.html. When you call `abort(403)` the 403 error page is rendered, with the flashed message on it. However, the webauthn endpoints just return that page to the ajax `fetch`, which ignores the response and just reloads the page. Instead of calling abort, we can just return an empty response body and the 403 error code, so that the flashed messages stay in the session and will be rendered when the `GET /two-factor-webauthn` request happens after the js reloads the page.