Redirect to login page when Forbidden happens with anonymous user

This commit is contained in:
Lance Edgar 2017-02-13 16:22:20 -06:00
parent 5fb421d74b
commit b90f5c8a3a

View file

@ -81,14 +81,16 @@ class AuthenticationView(View):
This is triggered whenever access is not allowed for an otherwise
appropriate view.
"""
next_url = self.request.get_referrer()
msg = literal("You do not have permission to do that.")
if not self.request.authenticated_userid:
msg += literal("  (Perhaps you should %s?)" %
tags.link_to("log in", self.request.route_url('login')))
# Store current URL in session, for smarter redirect after login.
self.request.session['next_url'] = self.request.current_route_url()
next_url = self.request.route_url('login')
self.request.session.flash(msg, allow_duplicate=False)
return self.redirect(self.request.get_referrer())
return self.redirect(next_url)
def login(self, mobile=False):
"""