Merge pull request #270 from Royal-Society-of-New-Zealand/ORCIDHUB-209

allow login for existing users...
Royal-Society-of-New-Zealand · Oct 10, 2017 · c06f06b · c06f06b
2 parents d9962f0 + b405e20
commit c06f06b
Showing 1 changed file with 7 additions and 6 deletions.
diff --git a/authcontroller.py b/authcontroller.py
@@ -219,12 +219,6 @@ def handle_login():
             app.logger.info(
                 f"the user has logged in with secondary email addresses: {secondary_emails}")
 
-        if ENV != "dev" and not (unscoped_affiliation & {"faculty", "staff", "student"}):
-            flash(
-                f"Access Denied! Your account (email: {email}, eppn: {eppn}) is not affiliated with '{shib_org_name}'",
-                "danger")
-            return redirect(url_for("login"))
-
     except Exception as ex:
         app.logger.exception("Failed to login via TUAKIRI.")
         abort(500, ex)
@@ -266,6 +260,13 @@ def handle_login():
         if not user.eppn and eppn:
             user.eppn = eppn
     else:
+
+        if ENV != "dev" and not (unscoped_affiliation & {"faculty", "staff", "student"}):
+            flash(
+                f"Access Denied! Your account (email: {email}, eppn: {eppn}) is not affiliated with '{shib_org_name}'",
+                "danger")
+            return redirect(url_for("login"))
+
         user = User.create(
             email=email,
             eppn=eppn,