From 865ffa2e14fb4695ae87495174c1775248371454 Mon Sep 17 00:00:00 2001
From: root <root@login001.cm.cluster>
Date: Wed, 14 Dec 2022 01:30:56 -0600
Subject: [PATCH] Update to only use eppa if it's provided in the headers

---
 app/__init__.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/app/__init__.py b/app/__init__.py
index 5519a7b..6b4273e 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -71,11 +71,12 @@ def create_app(config_name):
             "redir", app_vars.default_referrer
         )
 
-        if not any(item in session["user"].get("eppa") for item in valid_eppa):
-            return render_template(
-                "account/unauthorized.html",
-                unauthorized_msg=messages.unauthorized_message,
-            )
+        if 'eppa' in request.headers:
+            if not any(item in session["user"].get("eppa") for item in valid_eppa):
+                return render_template(
+                    "account/unauthorized.html",
+                    unauthorized_msg=messages.unauthorized_message,
+                )
 
         if rc_util.check_state(session["user"].get("username")) == "hold":
             return render_template(
-- 
GitLab