changing admin API calls to return 404 if unauthenticated, and redirect user to login for regular URL. closes #1885

2025-11-03 12:36:02 +01:00 · 2014-08-31 22:43:00 -04:00
parent 7572c9a803
commit 08c9cbdf70
4 changed files with 8 additions and 3 deletions
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -177,7 +177,7 @@
 						}

 						app.get(strategy.callbackURL, passport.authenticate(strategy.name, {
-							successRedirect: nconf.get('relative_path') + '/',
+							successReturnToOrRedirect: nconf.get('relative_path') + '/',
 							failureRedirect: nconf.get('relative_path') + '/login'
 						}));
 					}