Jan-11-2019, 02:10 PM
My apologies for not showing the database code, nor the global variables defining the Auth2.0 code.
I was hoping the title would get my foot in the door with someone who was knowledgeable in auth2.0.
The code shown above shows:
1. An item to be edited (executed by SQLAlchemy on a one-to-one database relationship)
2. A login session ID, pulled from a local user token created.
3. If the edited item's user id column (which is the key stored from the login session user id) does not equal the login session user id, return an error.
For reference, I solved the problem by changing a little bit of the code and defining it differently.
WAS:
creator = getUserInfo(editedCuisine.user_id)
user = getUserInfo(login_session['user_id'])
# If logged in user is not item owner redirect them
if creator.id != login_session['user_id']:
    flash("This is not yours to edit. This belongs to %s" % creator.name)
    return redirect(url_for('editCuisine'))

CHANGED TO:

# Compare the owner id stored on the item directly with the session user id
if editedCuisine.user_id != login_session['user_id']:
    return "<script>function myFunction() {alert('You are not authorized "\
           "to edit this item. Please create your own item in order to edit.');"\
           "window.location = '/cuisines';}</script><body onload='myFunction()'>"

Thank you for the reply regardless.
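Added example, not part of the original post: the same ownership comparison written as a reusable server-side guard that also covers a visitor with no session and an item that does not exist, and answers with a status code instead of a client-side alert. It is framework-neutral; the dict standing in for `login_session`, the `ITEMS` table standing in for the SQLAlchemy query, and the names `Cuisine`, `owner_required` and `edit_cuisine` are all assumptions.

```python
# Added example: framework-neutral sketch of the ownership check from the post.
# `login_session` is modelled as a plain dict and ITEMS stands in for the
# SQLAlchemy query; both are assumptions, as are all function names.
from dataclasses import dataclass
from functools import wraps


@dataclass
class Cuisine:
    id: int
    name: str
    user_id: int  # owner, copied from login_session['user_id'] at creation


# Constructed sample data standing in for the database table.
ITEMS = {1: Cuisine(1, "Thai", user_id=10), 2: Cuisine(2, "Greek", user_id=20)}


def owner_required(view):
    """Run `view` only when the logged-in user owns the requested item."""
    @wraps(view)
    def guarded(login_session, cuisine_id, *args, **kwargs):
        # .get() avoids a KeyError (HTTP 500) for visitors with no session.
        user_id = login_session.get("user_id")
        if user_id is None:
            return 401, "login required"
        item = ITEMS.get(cuisine_id)
        if item is None:
            return 404, "no such item"
        # Same comparison as the post, but decided before any edit happens
        # and reported as a status code rather than a client-side alert.
        if item.user_id != user_id:
            return 403, "not the owner"
        return view(login_session, item, *args, **kwargs)
    return guarded


@owner_required
def edit_cuisine(login_session, item, new_name):
    item.name = new_name
    return 200, item.name


if __name__ == "__main__":
    print(edit_cuisine({}, 1, "x"))                 # anonymous visitor
    print(edit_cuisine({"user_id": 20}, 1, "x"))    # logged in, not the owner
    print(edit_cuisine({"user_id": 10}, 1, "Lao"))  # owner
```
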