diff options
| -rw-r--r-- | app/views/admin.py | 5 | ||||
| -rw-r--r-- | app/views/githublogin.py | 4 |
2 files changed, 6 insertions, 3 deletions
diff --git a/app/views/admin.py b/app/views/admin.py index 0e44897..19bcd4b 100644 --- a/app/views/admin.py +++ b/app/views/admin.py @@ -36,7 +36,10 @@ class MyModelView(ModelView): def inaccessible_callback(self, name, **kwargs): # redirect to login page if user doesn't have access - return redirect(url_for('user.login', next=request.url)) + if current_user.is_authenticated: + abort(403) + else: + return redirect(url_for('user.login', next=request.url)) admin = Admin(app, name='ContentDB', template_mode='bootstrap3', url="/admin/db") admin.add_view(MyModelView(User, db.session)) diff --git a/app/views/githublogin.py b/app/views/githublogin.py index defdad1..9ea2584 100644 --- a/app/views/githublogin.py +++ b/app/views/githublogin.py @@ -51,9 +51,9 @@ def github_authorized(oauth_token): if current_user and current_user.is_authenticated: if userByGithub is None: current_user.github_username = username - db.session.add(auth) db.session.commit() - return redirect(url_for("gitAccount", id=auth.id)) + flash("Linked github to account", "success") + return redirect(url_for("home_page")) else: flash("Github account is already associated with another user", "danger") return redirect(url_for("home_page")) |