mirror of
https://github.com/zadam/trilium.git
synced 2024-12-27 09:43:18 +08:00
returning 401 for unauthorized API calls while redirecting to /login for unauthorized page access
This commit is contained in:
azivner
parent
e28c06ef37
commit
734b45dc67
2 changed files with 11 additions and 1 deletions
5
TODO
5
TODO
|
|
@ -1,4 +1,7 @@
|
|||
- logout detection
|
||||
- conflict detection
|
||||
- note title and content changes are not in audit_log table
|
||||
- deleting cloned nodes ends with 500 (probably only on folders)
|
||||
- deleting cloned nodes ends with 500 (probably only on folders)
|
||||
- what links here
|
||||
- recent changes - link to note should lead to the revision
|
||||
- db upgrade / migration
|
||||
|
|
|
|||
|
|
@ -101,6 +101,13 @@ def load_user(user_id):
|
|||
else:
|
||||
return None
|
||||
|
||||
@login_manager.unauthorized_handler
|
||||
def unauthorized_handler():
|
||||
if request.path.startswith('/api'):
|
||||
return 'Unauthorized', 401
|
||||
else:
|
||||
return redirect('/login')
|
||||
|
||||
if __name__ == "__main__":
|
||||
ssl_context = None
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue