returning 401 for unauthorized API calls while redirecting to /login for unauthorized page access

2025-06-06 18:08:33 +02:00 · 2017-09-30 18:38:22 -04:00 · 2017-09-30 18:38:22 -04:00 · 734b45dc67
commit 734b45dc67
parent e28c06ef37
2 changed files with 11 additions and 1 deletions
--- a/5
+++ b/5
@ -1,4 +1,7 @@
 - logout detection
 - conflict detection
  - note title and content changes are not in audit_log table
- deleting cloned nodes ends with 500 (probably only on folders)
+- deleting cloned nodes ends with 500 (probably only on folders)
+- what links here
+- recent changes - link to note should lead to the revision
+- db upgrade / migration
--- a/src/app.py
+++ b/src/app.py
@ -101,6 +101,13 @@ def load_user(user_id):
    else:
        return None

+@login_manager.unauthorized_handler
+def unauthorized_handler():
+    if request.path.startswith('/api'):
+        return 'Unauthorized', 401
+    else:
+        return redirect('/login')
+
 if __name__ == "__main__":
    ssl_context = None