Stay logged in on certain routes (#392)

This commit adds the @auth_desired decorator to
routes that previous had the @auth_required decorator,
but had it removed in #374. This should cause
the user to remain logged in on these routes.

files/routes/front.py

@@ -467,6 +467,7 @@ def changeloglist(v=None, sort="new", page=1, t="all", site=None):
 
 
 @app.get("/random_post")
+@auth_desired
 def random_post():
 
 	p = g.db.query(Submission.id).filter(Submission.deleted_utc == 0, Submission.is_banned == False, Submission.private == False).order_by(func.random()).first()
@@ -478,6 +479,7 @@ def random_post():
 
 
 @app.get("/random_user")
+@auth_desired
 def random_user():
 	u = g.db.query(User.username).order_by(func.random()).first()
 	

files/routes/search.py

@@ -33,6 +33,7 @@ def searchparse(text):
 
 
 @app.get("/search/posts")
+@auth_desired
 def searchposts(v=None):
 
 	query = request.values.get("q", '').strip()
@@ -175,6 +176,7 @@ def searchposts(v=None):
 						   )
 
 @app.get("/search/comments")
+@auth_desired
 def searchcomments(v=None):
 
 
@@ -267,6 +269,7 @@ def searchcomments(v=None):
 
 
 @app.get("/search/users")
+@auth_desired
 def searchusers(v=None):
 
 	query = request.values.get("q", '').strip()

files/routes/static.py

@@ -58,6 +58,7 @@ def support(v):
 	return render_template('support.html', v=v)
 
 @app.get("/stats")
+@auth_desired
 @cache.memoize(timeout=86400, make_name=make_name)
 def participation_stats(v=None):
 
@@ -113,12 +114,14 @@ def chart():
 
 
 @app.get("/weekly_chart")
+@auth_desired
 def weekly_chart():
 	file = cached_chart(kind="weekly", site=SITE)
 	f = send_file(file)
 	return f
 
 @app.get("/daily_chart")
+@auth_desired
 def daily_chart():
 	file = cached_chart(kind="daily", site=SITE)
 	f = send_file(file)
@@ -204,6 +207,7 @@ def patrons(v):
 
 @app.get("/admins")
 @app.get("/badmins")
+@auth_desired
 def admins(v=None):
 	if v and v.admin_level > 2:
 		admins = g.db.query(User).filter(User.admin_level>1).order_by(User.truecoins.desc()).all()
@@ -214,7 +218,7 @@ def admins(v=None):
 
 @app.get("/log")
 @app.get("/modlog")
-
+@auth_desired
 def log(v=None):
 
 	try: page = max(int(request.values.get("page", 1)), 1)
@@ -255,6 +259,7 @@ def log(v=None):
 	return render_template("log.html", v=v, admins=admins, types=types, admin=admin, type=kind, actions=actions, next_exists=next_exists, page=page)
 
 @app.get("/log/<id>")
+@auth_desired
 def log_item(id, v=None):
 
 	try: id = int(id)
@@ -273,12 +278,14 @@ def log_item(id, v=None):
 
 
 @app.get("/api")
+@auth_desired
 def api(v=None):
 	return render_template("api.html", v=v)
 
 @app.get("/contact")
 @app.get("/press")
 @app.get("/media")
+@auth_desired
 def contact(v=None):
 
 	return render_template("contact.html", v=v)
@@ -408,12 +415,14 @@ def blocks(v):
 	return render_template("blocks.html", v=v, users=users, targets=targets)
 
 @app.get("/banned")
+@auth_desired
 def banned(v=None):
 
 	users = [x for x in g.db.query(User).filter(User.is_banned > 0, User.unban_utc == 0).all()]
 	return render_template("banned.html", v=v, users=users)
 
 @app.get("/formatting")
+@auth_desired
 def formatting(v=None):
 
 	return render_template("formatting.html", v=v)

files/routes/users.py

@@ -752,21 +752,25 @@ def api_is_available(name):
 		return {name: True}
 
 @app.get("/id/<id>")
+@auth_desired
 def user_id(id):
 	user = get_account(id)
 	return redirect(user.url)
 		
 @app.get("/u/<username>")
+@auth_desired
 def redditor_moment_redirect(username):
 	return redirect(f"/@{username}")
 
 @app.get("/@<username>/followers")
+@auth_desired
 def followers(username, v=None):
 	u = get_user(username, v=v)
 	users = g.db.query(User).join(Follow, Follow.target_id == u.id).filter(Follow.user_id == User.id).order_by(Follow.created_utc).all()
 	return render_template("followers.html", v=v, u=u, users=users)
 
 @app.get("/@<username>/following")
+@auth_desired
 def following(username, v=None):
 	u = get_user(username, v=v)
 	users = g.db.query(User).join(Follow, Follow.user_id == u.id).filter(Follow.target_id == User.id).order_by(Follow.created_utc).all()