Tell users if they are not allowed to log in at this time

This fixes an error where users were logged in correctly, but then immediately got redirected to the default sso provider because the before_request function did not log them in because they were not allowed to log in at this time.
voc · Dec 24, 2024 · b792837 · b792837
1 parent e795cde
commit b792837
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/frontend.py b/frontend.py
@@ -241,13 +241,17 @@ def oauth2_callback(provider):
         flash("You are not allowed to log in at this time.", "warning")
         return redirect(url_for("faq", _anchor="signup"))
 
-    session["oauth2_provider"] = provider
-    session["oauth2_userinfo"] = userinfo_json
-
     userid = SSO_CONFIG[provider]["functions"]["userid"](userinfo_json)
     user_is_admin = SSO_CONFIG[provider]["functions"]["is_admin"](userinfo_json)
+    user_without_limits = SSO_CONFIG[provider]["functions"]["no_limit"](userinfo_json)
     REDIS.set(f"admin:{userid}", "1" if user_is_admin else "0")
 
+    if not (user_is_admin or user_without_limits or is_within_timeframe()):
+        return render_template("time_error.jinja")
+
+    session["oauth2_provider"] = provider
+    session["oauth2_userinfo"] = userinfo_json
+
     if "redirect_after_login" in session:
         return redirect(session["redirect_after_login"])
     return redirect(url_for("dashboard"))