Fix infinite redirect when logged in

[gmjosack]

By default the permission_required decorator redirects to the login url when you don't have sufficient permissions. The result of this is if a user navigates to a page they don't have permission to view they end up in an infinite redirect loop between the forbidden page and the login page.

This change will allow logged out users a chance to login but return forbidden when you don't have sufficient permissions.

[gmjosack]

Is there anything missing from the PR to get it merged?

[claudep]

Sorry for the long time to review, and thanks for the patch!