Redirect any unauthenticated requests to admin to login

sprin / pg-discuss

A comment system backend in Python with PostgreSQL

http://pg-discuss.sprin.io/

10 stars 1 forks source link

Redirect any unauthenticated requests to admin to login #13

Closed sprin closed 8 years ago

sprin commented 8 years ago

Also redirect logins to the page that was originally requested.

sprin commented 8 years ago

For simplicity, and security, we always redirect to the admin landing page upon successful login. If we redirected to the originally requested URL using a breadcrumb, we would need to validate the breadcrumb for security, which is non-trivial.