From 668747393147fb8433c352c7ce86c4b1516c053a Mon Sep 17 00:00:00 2001
From: Mauricio Baeza <git@elmau.net>
Date: Thu, 25 Jan 2018 01:21:19 -0600
Subject: [PATCH] Fix - Issue #146

---
 source/app/controllers/main.py | 4 +++-
 source/app/middleware.py       | 5 +++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/source/app/controllers/main.py b/source/app/controllers/main.py
index 700a97a..c39e315 100644
--- a/source/app/controllers/main.py
+++ b/source/app/controllers/main.py
@@ -96,9 +96,11 @@ class AppValues(object):
     def on_get(self, req, resp, table):
         values = req.params
         session = req.env['beaker.session']
-
+        print ('\nVALUES', session)
         if not 'userobj' in session:
+            print (1)
             session.invalidate()
+            print (2)
             raise falcon.HTTPTemporaryRedirect('/')
 
         if table == 'admin':
diff --git a/source/app/middleware.py b/source/app/middleware.py
index e034603..8204b84 100644
--- a/source/app/middleware.py
+++ b/source/app/middleware.py
@@ -36,6 +36,7 @@ class AuthMiddleware(object):
         session = req.env['beaker.session']
         user = session.get('userobj', None)
         id_session = req.cookies.get('beaker.session.id', '')
+
         if req.path == '/empresas' or req.path == '/values/empresas':
             if MV:
                 pass
@@ -48,6 +49,10 @@ class AuthMiddleware(object):
                 raise falcon.HTTPTemporaryRedirect('/main')
         elif not id_session and req.path != '/':
             raise falcon.HTTPTemporaryRedirect('/')
+        elif id_session and user is None:
+            session.delete()
+            if req.path == '/main':
+                raise falcon.HTTPTemporaryRedirect('/')
 
 
 class JSONTranslator(object):