fix(authentication): remove any user credentials if not allowed on any endpoint (#719)

2025-07-23 15:29:42 +02:00 · 2017-03-27 15:24:35 +02:00 · 2017-03-27 15:24:35 +02:00 · 9e818c2882
commit 9e818c2882
parent c243a02e7a
1 changed files with 1 additions and 0 deletions
--- a/app/components/auth/authController.js
+++ b/app/components/auth/authController.js
@ -104,6 +104,7 @@ function ($scope, $state, $stateParams, $window, $timeout, $sanitize, Config, Au
      else if (data.length === 0 && userDetails.role === 1) {
        $state.go('endpointInit');
      } else if (data.length === 0 && userDetails.role === 2) {
+        Authentication.logout();
        $scope.authData.error = 'User not allowed. Please contact your administrator.';
      }
    })