fix(authentication): remove any user credentials if not allowed on any endpoint (#719)

8 years ago · 9e818c2882
parent c243a02e7a
commit 9e818c2882
1 changed files with 1 additions and 0 deletions
--- a/app/components/auth/authController.js
+++ b/app/components/auth/authController.js
@ -104,6 +104,7 @@ function ($scope, $state, $stateParams, $window, $timeout, $sanitize, Config, Au
      else if (data.length === 0 && userDetails.role === 1) {
        $state.go('endpointInit');
      } else if (data.length === 0 && userDetails.role === 2) {
+        Authentication.logout();
        $scope.authData.error = 'User not allowed. Please contact your administrator.';
      }
    })