Check current and previous path.

mbta · Nov 15, 2024 · 1b6c9fd · 1b6c9fd
1 parent 1482da4
commit 1b6c9fd
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/lib/screenplay_web/auth_manager/error_handler.ex b/lib/screenplay_web/auth_manager/error_handler.ex
@@ -9,7 +9,7 @@ defmodule ScreenplayWeb.AuthManager.ErrorHandler do
 
   @impl Guardian.Plug.ErrorHandler
   def auth_error(conn, error, _opts) do
-    if Plug.Conn.get_session(conn, :previous_path) =~ "api" do
+    if conn.request_path =~ "api" or Plug.Conn.get_session(conn, :previous_path) =~ "api" do
       Plug.Conn.send_resp(conn, 403, "Session expired")
     else
       auth_params = auth_params_for_error(error)