From e6e6ed9c2845505ac60806e96e6974b4039b6a00 Mon Sep 17 00:00:00 2001
From: Lynne <lynne@bune.city>
Date: Sat, 7 Sep 2019 13:51:02 +1000
Subject: [PATCH] redirect to home if user tries to access page requiring
 authentication while signed out

---
 webui.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/webui.py b/webui.py
index 36e976c..05947b0 100644
--- a/webui.py
+++ b/webui.py
@@ -224,6 +224,7 @@ def bot_accounts_delete(id):
 
 @app.route("/bot/create/", methods=['GET', 'POST'])
 def bot_create():
+	login_check()
 	error = None
 	if request.method == 'POST':
 		if session['step'] == 1:
@@ -408,3 +409,10 @@ def bot_check(bot):
 	c = mysql.connection.cursor()
 	c.execute("SELECT COUNT(*) FROM `bots` WHERE `handle` = %s AND `user_id` = %s", (bot, session['user_id']))
 	return c.fetchone()[0] == 1
+
+@app.before_request
+def login_check():
+	if request.path not in ['/', '/about', '/welcome', '/login', '/signup', '/do/login', '/do/signup', '/static/style.css']:
+		# page requires authentication
+		if 'user_id' not in session:
+			return redirect(url_for('home'))