Jan-11-2019, 02:10 PM
My apologies for not showing the database code, nor the global variables defining the Auth2.0 code.
I was hoping the title would get my foot in the door with someone whom was knowledgeable in auth2.0.
The code above shown shows:
1. An item to be edited (executed by SQLAlchemy on a one to one database relationship)
2. A login session ID, pulled from a local user token created.
3. If the edited item column; user id (which is the key stored from the login session user id) does not equal the login session user id return an error.
for reference I solved the problem by changing a little bit of the code, and defining it differently
WAS:
.
I was hoping the title would get my foot in the door with someone whom was knowledgeable in auth2.0.
The code above shown shows:
1. An item to be edited (executed by SQLAlchemy on a one to one database relationship)
2. A login session ID, pulled from a local user token created.
3. If the edited item column; user id (which is the key stored from the login session user id) does not equal the login session user id return an error.
for reference I solved the problem by changing a little bit of the code, and defining it differently
WAS:
creator = getUserInfo(editedCuisine.user_id)
user = getUserInfo(login_session['user_id'])
# If logged in user is not item owner redirect them
if creator.id != login_session['user_id']:
flash ("This is not yours to edit. This belongs to %s" % creator.name)
return redirect(url_for('editCuisine'))CHANGED TO: if editedCuisine.user_id != login_session['user_id']:
return "<script>function myFunction() {alert('You are not authorized"\
"to edit this item. Please create your own item in order to edit.');"\
"window.location = '/cuisines';}</script><body onload='myFunction()''>"Thank you for the reply regardless .