diff --git a/source/app/controllers/main.py b/source/app/controllers/main.py index 927a1db..a9fcd4c 100644 --- a/source/app/controllers/main.py +++ b/source/app/controllers/main.py @@ -111,6 +111,11 @@ class AppValues(object): def on_delete(self, req, resp, table): values = req.params session = req.env['beaker.session'] + if not 'userobj' in session: + session.delete() + resp.status = falcon.HTTP_200 + raise falcon.HTTPTemporaryRedirect('/') + if table == 'usuario' and (session['userobj'].id == int(values['id'])): resp.status = falcon.HTTP_204 return @@ -250,6 +255,11 @@ class AppInvoices(object): def on_post(self, req, resp): values = req.params session = req.env['beaker.session'] + if not 'userobj' in session: + session.delete() + resp.status = falcon.HTTP_200 + raise falcon.HTTPTemporaryRedirect('/') + req.context['result'] = self._db.invoice(values, session['userobj']) resp.status = falcon.HTTP_200 @@ -297,6 +307,11 @@ class AppTickets(object): def on_post(self, req, resp): values = req.params session = req.env['beaker.session'] + if not 'userobj' in session: + session.delete() + resp.status = falcon.HTTP_200 + raise falcon.HTTPTemporaryRedirect('/') + req.context['result'] = self._db.tickets(values, session['userobj']) resp.status = falcon.HTTP_200 diff --git a/source/app/middleware.py b/source/app/middleware.py index d286d17..3054d73 100644 --- a/source/app/middleware.py +++ b/source/app/middleware.py @@ -70,7 +70,11 @@ class ConnectionMiddleware(object): def process_resource(self, req, resp, resource, params): id_session = req.cookies.get('beaker.session.id', '') session = req.env['beaker.session'] - print ('\n\n', id_session, session, '\n\n') + if not 'userobj' in session: + session.delete() + resp.status = falcon.HTTP_200 + raise falcon.HTTPTemporaryRedirect('/') + rfc = session.get('rfc', '') if id_session and rfc: opt = util.get_con(rfc)