From 48fac6844f4a55c2086e17e9c75819a8ebc8c156 Mon Sep 17 00:00:00 2001 From: Edmund von der Burg Date: Fri, 1 Apr 2011 15:20:23 +0100 Subject: Prevent access to '/my' for users who are not logged in --- perllib/FixMyStreet/App/Controller/My.pm | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'perllib/FixMyStreet/App/Controller/My.pm') diff --git a/perllib/FixMyStreet/App/Controller/My.pm b/perllib/FixMyStreet/App/Controller/My.pm index 4c509ec80..1189fe901 100644 --- a/perllib/FixMyStreet/App/Controller/My.pm +++ b/perllib/FixMyStreet/App/Controller/My.pm @@ -20,10 +20,15 @@ Catalyst Controller. =cut -# FIXME - only logged in users should get to here. - sub my : Path : Args(0) { my ( $self, $c ) = @_; + + # FIXME - handle not being logged in more elegantly + unless ( $c->user ) { + $c->res->redirect( $c->uri_for('/auth') ); + $c->detach; + } + } __PACKAGE__->meta->make_immutable; -- cgit v1.2.3