Mirrors/travelynx
2
0
Fork 0
mirror of https://github.com/derf/travelynx synced 2024-09-20 14:41:56 +00:00
Code Issues Projects Releases Packages Wiki Activity

move /action to non-authenticated area to handle session issues

Browse source
This commit is contained in:
Daniel Friesel 2019-03-08 16:55:45 +01:00
parent bf4ccb0eab
commit ec82ac0f2e
1 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
index.pl
View file

@ -1021,11 +1021,6 @@ get '/reg/:id/:token' => sub {
$self->render( 'login', from => 'verification' );
};
under sub {
my ($self) = @_;
return $self->is_user_authenticated;
};
post '/action' => sub {
my ($self) = @_;
my $params = $self->req->json;
@ -1034,13 +1029,25 @@ post '/action' => sub {
$params = $self->req->params->to_hash;
}
if ( not $self->is_user_authenticated ) {
# We deliberately do not set the HTTP status for these replies, as it
# confuses jquery.
$self->render(
json => {
success => 0,
error => 'Session error, please login again',
},
);
return;
}
if ( not $params->{action} ) {
$self->render(
json => {
success => 0,
error => 'Missing action value',
},
status => 400,
);
return;
}
@ -1111,11 +1118,15 @@ post '/action' => sub {
success => 0,
error => 'invalid action value',
},
status => 400,
);
}
};
under sub {
my ($self) = @_;
return $self->is_user_authenticated;
};
get '/account' => sub {
my ($self) = @_;