From 0ce48a5977f77d0460b532c1b462680a41134587 Mon Sep 17 00:00:00 2001
From: Mauricio Baeza <git@elmau.net>
Date: Wed, 24 Jan 2018 23:44:55 -0600
Subject: [PATCH] Fix - Connection without session

---
 source/app/controllers/main.py | 15 +++++++++++++++
 source/app/middleware.py       |  6 +++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/source/app/controllers/main.py b/source/app/controllers/main.py
index 927a1db..a9fcd4c 100644
--- a/source/app/controllers/main.py
+++ b/source/app/controllers/main.py
@@ -111,6 +111,11 @@ class AppValues(object):
     def on_delete(self, req, resp, table):
         values = req.params
         session = req.env['beaker.session']
+        if not 'userobj' in session:
+            session.delete()
+            resp.status = falcon.HTTP_200
+            raise falcon.HTTPTemporaryRedirect('/')
+
         if table == 'usuario' and (session['userobj'].id == int(values['id'])):
             resp.status = falcon.HTTP_204
             return
@@ -250,6 +255,11 @@ class AppInvoices(object):
     def on_post(self, req, resp):
         values = req.params
         session = req.env['beaker.session']
+        if not 'userobj' in session:
+            session.delete()
+            resp.status = falcon.HTTP_200
+            raise falcon.HTTPTemporaryRedirect('/')
+
         req.context['result'] = self._db.invoice(values, session['userobj'])
         resp.status = falcon.HTTP_200
 
@@ -297,6 +307,11 @@ class AppTickets(object):
     def on_post(self, req, resp):
         values = req.params
         session = req.env['beaker.session']
+        if not 'userobj' in session:
+            session.delete()
+            resp.status = falcon.HTTP_200
+            raise falcon.HTTPTemporaryRedirect('/')
+
         req.context['result'] = self._db.tickets(values, session['userobj'])
         resp.status = falcon.HTTP_200
 
diff --git a/source/app/middleware.py b/source/app/middleware.py
index d286d17..3054d73 100644
--- a/source/app/middleware.py
+++ b/source/app/middleware.py
@@ -70,7 +70,11 @@ class ConnectionMiddleware(object):
     def process_resource(self, req, resp, resource, params):
         id_session = req.cookies.get('beaker.session.id', '')
         session = req.env['beaker.session']
-        print ('\n\n', id_session, session, '\n\n')
+        if not 'userobj' in session:
+            session.delete()
+            resp.status = falcon.HTTP_200
+            raise falcon.HTTPTemporaryRedirect('/')
+
         rfc = session.get('rfc', '')
         if id_session and rfc:
             opt = util.get_con(rfc)