From 9b3e7b0203f582d4193def2d24a9c77683bc8456 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Tue, 3 Sep 2024 10:18:36 -0500
Subject: Put active pages behind auth. Flash all error messages.

---
 uploader/species/views.py | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'uploader/species')

diff --git a/uploader/species/views.py b/uploader/species/views.py
index af66de3..3a76494 100644
--- a/uploader/species/views.py
+++ b/uploader/species/views.py
@@ -7,6 +7,7 @@ from flask import (flash,
                    current_app as app,
                    render_template as flask_render_template)
 
+from uploader.authorisation import require_login
 from uploader.db_utils import database_connection
 
 from .models import all_species, save_species, species_by_id
@@ -28,12 +29,14 @@ def list_species():
                                allspecies=all_species(conn))
 
 @speciesbp.route("/<int:species_id>", methods=["GET"])
+@require_login
 def view_species(species_id: int):
     """View details of a particular species and menus to act upon it."""
     with database_connection(app.config["SQL_URI"]) as conn:
         return species_by_id(conn, species_id)
 
 @speciesbp.route("/create", methods=["GET", "POST"])
+@require_login
 def create_species():
     """Create a new species."""
     # We can use uniprot's API to fetch the details with something like
-- 
cgit v1.2.3