From 04c27e6041e2947471906f6656b8125b7400c772 Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Fri, 10 Jun 2016 14:12:53 +0300
Subject: [PATCH] http 403 is used now for unauthorized requests

---
 motioneye/config.py         | 12 +++++++++++
 motioneye/handlers.py       |  1 +
 motioneye/static/js/main.js | 42 +++++++++++++++++++++----------------
 3 files changed, 37 insertions(+), 18 deletions(-)

diff --git a/motioneye/config.py b/motioneye/config.py
index ad290f7..92b8b20 100644
--- a/motioneye/config.py
+++ b/motioneye/config.py
@@ -1499,6 +1499,18 @@ def motion_rtsp_support():
         return []
 
 
+def motion_mmal_support():
+    import motionctl
+
+    try:
+        binary, version = motionctl.find_motion()  # @UnusedVariable
+        
+        return version == 'mmaltest'
+
+    except:
+        return False
+
+
 def invalidate():
     global _main_config_cache
     global _camera_config_cache
diff --git a/motioneye/handlers.py b/motioneye/handlers.py
index 7a3ea78..63159a8 100644
--- a/motioneye/handlers.py
+++ b/motioneye/handlers.py
@@ -158,6 +158,7 @@ class BaseHandler(RequestHandler):
                 user = self.current_user
                 if (user is None) or (user != 'admin' and (admin or _admin)):
                     self.set_header('Content-Type', 'application/json')
+                    self.set_status(403)
 
                     return self.finish_json({'error': 'unauthorized', 'prompt': prompt})
 
diff --git a/motioneye/static/js/main.js b/motioneye/static/js/main.js
index f1fc9f0..0a92b00 100644
--- a/motioneye/static/js/main.js
+++ b/motioneye/static/js/main.js
@@ -419,32 +419,38 @@ function ajax(method, url, data, callback, error, timeout) {
     
     url = addAuthParams(method, url, processData ? data : null);
     
+    function onResponse(data) {
+        if (data && data.error == 'unauthorized') {
+            if (data.prompt) {
+                runLoginDialog(function () {
+                    ajax(method, origUrl, origData, callback, error);
+                });
+            }
+            
+            window._loginRetry = true;
+        }
+        else {
+            delete window._loginRetry;
+            if (callback) {
+                $('body').toggleClass('admin', isAdmin());
+                callback(data);
+            }
+        }
+    }
+
     var options = {
         type: method,
         url: url,
         data: data,
         timeout: timeout || 300 * 1000,
-        success: function (data) {
-            if (data && data.error == 'unauthorized') {
-                if (data.prompt) {
-                    runLoginDialog(function () {
-                        ajax(method, origUrl, origData, callback, error);
-                    });
-                }
-                
-                window._loginRetry = true;
-            }
-            else {
-                delete window._loginRetry;
-                if (callback) {
-                    $('body').toggleClass('admin', isAdmin());
-                    callback(data);
-                }
-            }
-        },
+        success: onResponse,
         contentType: json ? 'application/json' : false,
         processData: processData,
         error: error || function (request, options, error) {
+            if (request.status == 403) {
+                return onResponse(request.responseJSON);
+            }
+            
             showErrorMessage();
             if (callback) {
                 callback();
-- 
2.39.5