From 99abac343bd098ea032cac8e5b703193ad41d069 Mon Sep 17 00:00:00 2001
From: Pedro Ferreira
Date: Mon, 26 Mar 2018 14:58:25 +0200
Subject: 403: redirect user to login page if not logged in

Signed-Off-By: Pedro Ferreira <pedro.ferreira@cern.ch>
---
 lib/response.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'lib/response.js')

diff --git a/lib/response.js b/lib/response.js
index b18fd7a3..aeb594a3 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -17,7 +17,13 @@ var utils = require('./utils')
 // public
 var response = {
   errorForbidden: function (res) {
-    responseError(res, '403', 'Forbidden', 'oh no.')
+    const {req} = res
+    if (req.user) {
+      responseError(res, '403', 'Forbidden', 'oh no.')
+    } else {
+      req.flash('error', 'You are not allowed to access this page. Maybe try logging in?')
+      res.redirect(config.serverURL)
+    }
   },
   errorNotFound: function (res) {
     responseError(res, '404', 'Not Found', 'oops.')
-- 
cgit v1.2.3