add a code path for unauthorized XHR

2021-10-06 09:07:35 +01:00
parent d8a9ad9007
commit 0dbf1b73cb
2 changed files with 6 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1,3 @@
 share/public/javascripts/*.min.js binary
 share/public/css/*.min.css binary
+share/public/swagger-ui/* binary
--- a/lib/App/Netdisco/Web/AuthN.pm
+++ b/lib/App/Netdisco/Web/AuthN.pm
@@ -210,6 +210,11 @@ get qr{^/(?:login(?:/denied)?)?} => sub {
        return_url => param('return_url'),
      };
    }
+    elsif (defined request->header('X-Requested-With')
+           and request->header('X-Requested-With') eq 'XMLHttpRequest') {
+      status('unauthorized');
+      return '<div class="span2 alert alert-error"><i class="icon-ban-circle"></i> Error: unauthorized.</div>';
+    }
    else {
      template 'index', {
        return_url => param('return_url')