peter/go-gitea
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

make sure users that don't have to view the form get redirected

Browse Source
This commit is contained in:
Lanre Adelowo 2018-07-21 22:08:52 +01:00
parent 7e67ecc16a
commit 59432fae0a
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/context/auth.go
View File

@ -40,9 +40,16 @@ func Toggle(options *ToggleOptions) macaron.Handler {
} }
// prevent infinite redirection // prevent infinite redirection
// also make sure that the form cannot be accessed by
// users who don't need this
if ctx.Req.URL.Path == setting.AppSubURL+"/user/change_password" { if ctx.Req.URL.Path == setting.AppSubURL+"/user/change_password" {
if !ctx.User.MustChangePassword {
ctx.Redirect(setting.AppSubURL + "/")
}
return return
} else if ctx.User.MustChangePassword { }
if ctx.User.MustChangePassword {
ctx.Data["Title"] = ctx.Tr("auth.must_change_password") ctx.Data["Title"] = ctx.Tr("auth.must_change_password")
ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password" ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password"
ctx.Redirect(setting.AppSubURL + "/user/change_password") ctx.Redirect(setting.AppSubURL + "/user/change_password")