From b296b9b299fa4d07bedc25c791d1a039d4b9fb72 Mon Sep 17 00:00:00 2001
From: rubenwardy <rw@rubenwardy.com>
Date: Mon, 30 Jul 2018 00:42:11 +0100
Subject: [PATCH] Fix two bugs

---
 app/views/admin.py       | 5 ++++-
 app/views/githublogin.py | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/views/admin.py b/app/views/admin.py
index 0e44897..19bcd4b 100644
--- a/app/views/admin.py
+++ b/app/views/admin.py
@@ -36,7 +36,10 @@ class MyModelView(ModelView):
 
 	def inaccessible_callback(self, name, **kwargs):
 		# redirect to login page if user doesn't have access
-		return redirect(url_for('user.login', next=request.url))
+		if current_user.is_authenticated:
+			abort(403)
+		else:
+			return redirect(url_for('user.login', next=request.url))
 
 admin = Admin(app, name='ContentDB', template_mode='bootstrap3', url="/admin/db")
 admin.add_view(MyModelView(User, db.session))
diff --git a/app/views/githublogin.py b/app/views/githublogin.py
index defdad1..9ea2584 100644
--- a/app/views/githublogin.py
+++ b/app/views/githublogin.py
@@ -51,9 +51,9 @@ def github_authorized(oauth_token):
 	if current_user and current_user.is_authenticated:
 		if userByGithub is None:
 			current_user.github_username = username
-			db.session.add(auth)
 			db.session.commit()
-			return redirect(url_for("gitAccount", id=auth.id))
+			flash("Linked github to account", "success")
+			return redirect(url_for("home_page"))
 		else:
 			flash("Github account is already associated with another user", "danger")
 			return redirect(url_for("home_page"))