Moved admin privileges to our database (instead of Auth0's). I think we are now using the new values everywhere and on all the paths (logged in already, or logged in on the relevant page, etc.) but the code was convoluted enough that I wouldn't be surprised if I missed something or if there was a subtle timing conflict.
Fixes #800
While I was in there I added redirects on the rest of the login paths.
Fixes #434 (which was closed, but was only working on one of the possible login paths).
Moved admin privileges to our database (instead of Auth0's). I think we are now using the new values everywhere and on all the paths (logged in already, or logged in on the relevant page, etc.) but the code was convoluted enough that I wouldn't be surprised if I missed something or if there was a subtle timing conflict.
Fixes #800
While I was in there I added redirects on the rest of the login paths.
Fixes #434 (which was closed, but was only working on one of the possible login paths).