Refactor authentication middleware to include both redirects and 401s

venantius / darg

Kill the status meeting -- an abandoned IDoneThis competitor.

1 stars 0 forks source link

Refactor authentication middleware to include both redirects and 401s #274

Closed venantius closed 9 years ago

venantius commented 9 years ago

At the moment trying to access certain web pages when you're not logged in just 401s, instead of, say, redirecting you to a 401 page. We should change this.

venantius commented 9 years ago

There's a distinction here; if the user is logged in and tries to access the wrong thing they should go to the 401 page. If they're not logged in they should go to the login page with a follow-up redirection to the page they were trying to go to.