From 16128288a91fdb46f1b601aefb49127ff63f1768 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Wed, 10 May 2017 11:36:19 +0100 Subject: [PATCH] Add sudo-mode protection to sessions page --- services/web/app/coffee/router.coffee | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee index 5bbc416581..0a7a7bd69d 100644 --- a/services/web/app/coffee/router.coffee +++ b/services/web/app/coffee/router.coffee @@ -94,7 +94,10 @@ module.exports = class Router webRouter.post '/user/settings', AuthenticationController.requireLogin(), UserController.updateUserSettings webRouter.post '/user/password/update', AuthenticationController.requireLogin(), UserController.changePassword - webRouter.get '/user/sessions', AuthenticationController.requireLogin(), UserPagesController.sessionsPage + webRouter.get '/user/sessions', + AuthenticationController.requireLogin(), + SudoModeMiddlewear.protectPage, + UserPagesController.sessionsPage webRouter.post '/user/sessions/clear', AuthenticationController.requireLogin(), UserController.clearSessions webRouter.delete '/user/newsletter/unsubscribe', AuthenticationController.requireLogin(), UserController.unsubscribe