closed #2087

public/src/ajaxify.js

@@ -32,10 +32,11 @@ $(document).ready(function() {
 			if (data) {
 				if (data.status === 404) {
 					return ajaxify.go('404');
-				} else if (data.status === 403) {
+				} else if (data.status === 401) {
 					app.alertError('[[global:please_log_in]]');
-					app.previousUrl = url;
 					return ajaxify.go('login');
+				} else if (data.statuc === 403) {
+					app.alertError('[[error:no-privileges]]');
 				} else if (data.status === 302) {
 					return ajaxify.go(data.responseJSON.slice(1), callback, quiet);
 				}

src/controllers/categories.js

@@ -11,6 +11,11 @@ var categoriesController = {},
 	meta = require('../meta'),
 	plugins = require('../plugins');
 
+// todo: This might be better placed somewhere else
+var apiToRegular = function(url) {
+	return url.replace(/^\/api/, '');
+};
+
 categoriesController.recent = function(req, res, next) {
 	var uid = req.user ? req.user.uid : 0;
 	var end = (parseInt(meta.config.topicsPerList, 10) || 20) - 1;
@@ -231,6 +236,7 @@ categoriesController.notAllowed = function(req, res) {
 		res.locals.isAPI ? res.json(403, 'not-allowed') : res.status(403).render('403');
 	} else {
 		if (res.locals.isAPI) {
+			req.session.returnTo = apiToRegular(req.url);
 			res.json(401, 'not-authorized');
 		} else {
 			req.session.returnTo = req.url;