Don't have an authenticatication loop

When we want to access to the admin interface with oidc and with a user that's not allowed to access to the admin interface.
camptocamp · Dec 18, 2024 · 8084ce2 · 8084ce2
1 parent 54b69ee
commit 8084ce2
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/geoportal/c2cgeoportal_geoportal/views/login.py b/geoportal/c2cgeoportal_geoportal/views/login.py
@@ -92,6 +92,9 @@ def _referrer_log(self) -> None:
 
     @forbidden_view_config(renderer="login.html")  # type: ignore
     def loginform403(self) -> dict[str, Any] | pyramid.response.Response:
+        if self.request.authenticated_userid is not None:
+            return HTTPForbidden()
+
         if self.authentication_settings.get("openid_connect", {}).get("enabled", False):
             return HTTPFound(
                 location=self.request.route_url(
@@ -100,9 +103,6 @@ def loginform403(self) -> dict[str, Any] | pyramid.response.Response:
                 )
             )
 
-        if self.request.authenticated_userid is not None:
-            return HTTPForbidden()
-
         set_common_headers(self.request, "login", Cache.PRIVATE_NO)
 
         return {