You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by da...@apache.org on 2018/07/13 20:32:21 UTC
[trafficcontrol] branch master updated: check if username has been
removed from the cookie via a logout and return a 401
This is an automated email from the ASF dual-hosted git repository.
dangogh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new ccc8cdf check if username has been removed from the cookie via a logout and return a 401
ccc8cdf is described below
commit ccc8cdf84727c7b80c77fd4331375c1d0d39f4e9
Author: Dylan Volz <Dy...@comcast.com>
AuthorDate: Fri Jul 13 14:12:12 2018 -0600
check if username has been removed from the cookie via a logout and return a 401
---
traffic_ops/traffic_ops_golang/wrappers.go | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/traffic_ops/traffic_ops_golang/wrappers.go b/traffic_ops/traffic_ops_golang/wrappers.go
index 995ca0a..4359a02 100644
--- a/traffic_ops/traffic_ops_golang/wrappers.go
+++ b/traffic_ops/traffic_ops_golang/wrappers.go
@@ -94,6 +94,11 @@ func (a AuthBase) GetWrapper(privLevelRequired int) Middleware {
}
username := oldCookie.AuthData
+ if username == "" {
+ handleErr(http.StatusUnauthorized, errors.New("Unauthorized, please log in."))
+ return
+ }
+
currentUserInfo := auth.GetCurrentUserFromDB(a.getCurrentUserInfoStmt, username)
if currentUserInfo.PrivLevel < privLevelRequired {
handleErr(http.StatusForbidden, errors.New("Forbidden."))