forked from rDrama/rDrama
disable admin features unless 2FA configured
parent
ab2889e3c3
commit
ecb3ee52b4
|
@ -112,6 +112,7 @@ def admin_level_required(x):
|
|||
def wrapper(*args, **kwargs):
|
||||
v = get_logged_in_user()
|
||||
if not v: abort(401)
|
||||
if not v.mfa_secret: abort(403, "You need to enable 2FA to use admin features!")
|
||||
if v.admin_level < x: abort(403)
|
||||
return make_response(f(*args, v=v, **kwargs))
|
||||
|
||||
|
|
Loading…
Reference in New Issue