Skip to content

Commit

Permalink
fix: Clients limit exceeded route requires login (#4139)
Browse files Browse the repository at this point in the history
We should return an Unauthorized error when someone tries to access
the clients limit exceeded route of a Cozy without a valid session
(i.e. without being logged in).
  • Loading branch information
taratatach authored Sep 27, 2023
2 parents c92b2de + fbf61b0 commit 6bd697a
Show file tree
Hide file tree
Showing 2 changed files with 77 additions and 3 deletions.
4 changes: 4 additions & 0 deletions web/settings/clients.go
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,10 @@ func (h *HTTPHandler) synchronized(c echo.Context) error {
func (h *HTTPHandler) limitExceeded(c echo.Context) error {
inst := middlewares.GetInstance(c)

if !middlewares.IsLoggedIn(c) {
return echo.NewHTTPError(http.StatusUnauthorized, "Error Must be authenticated")
}

redirect := c.QueryParam("redirect")
if redirect == "" {
redirect = inst.DefaultRedirection().String()
Expand Down
Loading

0 comments on commit 6bd697a

Please sign in to comment.