Skip to content

fix: Prevent non-member org users to access portal without privileges

Relates to #602 (closed)

Tightens up authorization. There was an infinite loop occurring because of a contradiction between the portal and the protected route permissions.

Non-member orgs were being treated as authorized on /portal, yet unauthorized on /portal/dashboard/. This lead to an infinite loop where redirects were looping:

/portal/login -> /portal/ --- authorized --> /portal/dashboard/ --- unauthorized --> /portal/login/ --> /portal/ --> etc.

The fix was to simply add the authorization requirement to /portal

Edited by Olivier Goulet

Merge request reports