403: redirect user to login page if not logged in

Signed-Off-By: Pedro Ferreira <pedro.ferreira@cern.ch>
2018-03-26 14:58:25 +02:00 · 2018-03-26 14:58:25 +02:00 · 99abac343b
parent 5d57a4bb6f
commit 99abac343b
1 changed files with 7 additions and 1 deletions
--- a/lib/response.js
+++ b/lib/response.js
@ -17,7 +17,13 @@ var utils = require('./utils')
 // public
 var response = {
  errorForbidden: function (res) {
-    responseError(res, '403', 'Forbidden', 'oh no.')
+    const {req} = res
+    if (req.user) {
+      responseError(res, '403', 'Forbidden', 'oh no.')
+    } else {
+      req.flash('error', 'You are not allowed to access this page. Maybe try logging in?')
+      res.redirect(config.serverURL)
+    }
  },
  errorNotFound: function (res) {
    responseError(res, '404', 'Not Found', 'oops.')