forked from rDrama/rDrama
disable admin features unless 2FA configured
parent
ab2889e3c3
commit
ecb3ee52b4
|
@ -112,6 +112,7 @@ def admin_level_required(x):
|
||||||
def wrapper(*args, **kwargs):
|
def wrapper(*args, **kwargs):
|
||||||
v = get_logged_in_user()
|
v = get_logged_in_user()
|
||||||
if not v: abort(401)
|
if not v: abort(401)
|
||||||
|
if not v.mfa_secret: abort(403, "You need to enable 2FA to use admin features!")
|
||||||
if v.admin_level < x: abort(403)
|
if v.admin_level < x: abort(403)
|
||||||
return make_response(f(*args, v=v, **kwargs))
|
return make_response(f(*args, v=v, **kwargs))
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue