move /action to non-authenticated area to handle session issues
This commit is contained in:
parent
bf4ccb0eab
commit
ec82ac0f2e
1 changed files with 18 additions and 7 deletions
25
index.pl
25
index.pl
|
@ -1021,11 +1021,6 @@ get '/reg/:id/:token' => sub {
|
|||
$self->render( 'login', from => 'verification' );
|
||||
};
|
||||
|
||||
under sub {
|
||||
my ($self) = @_;
|
||||
return $self->is_user_authenticated;
|
||||
};
|
||||
|
||||
post '/action' => sub {
|
||||
my ($self) = @_;
|
||||
my $params = $self->req->json;
|
||||
|
@ -1034,13 +1029,25 @@ post '/action' => sub {
|
|||
$params = $self->req->params->to_hash;
|
||||
}
|
||||
|
||||
if ( not $self->is_user_authenticated ) {
|
||||
|
||||
# We deliberately do not set the HTTP status for these replies, as it
|
||||
# confuses jquery.
|
||||
$self->render(
|
||||
json => {
|
||||
success => 0,
|
||||
error => 'Session error, please login again',
|
||||
},
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
if ( not $params->{action} ) {
|
||||
$self->render(
|
||||
json => {
|
||||
success => 0,
|
||||
error => 'Missing action value',
|
||||
},
|
||||
status => 400,
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
@ -1111,11 +1118,15 @@ post '/action' => sub {
|
|||
success => 0,
|
||||
error => 'invalid action value',
|
||||
},
|
||||
status => 400,
|
||||
);
|
||||
}
|
||||
};
|
||||
|
||||
under sub {
|
||||
my ($self) = @_;
|
||||
return $self->is_user_authenticated;
|
||||
};
|
||||
|
||||
get '/account' => sub {
|
||||
my ($self) = @_;
|
||||
|
||||
|
|
Loading…
Reference in a new issue