From 39ec39239460dde97babbca6d3ab9fb4a958ad65 Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Wed, 27 Oct 2010 09:03:42 +0100
Subject: [PATCH] Fixes some SSO views that allowed anonymous access

---
 sso/views.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sso/views.py b/sso/views.py
index d18b031..70ca937 100644
--- a/sso/views.py
+++ b/sso/views.py
@@ -94,6 +94,7 @@ def eveapi_del(request, userid=0):
 
     return HttpResponseRedirect(reverse('sso.views.profile'))
 
+@login_required
 def eveapi_refresh(request, userid=0):
     if userid > 0 :
         try:
@@ -277,6 +278,7 @@ def user_view(request, username=None):
 
     return render_to_response('sso/lookup/user.html', locals(), context_instance=RequestContext(request))
 
+@login_required
 def user_lookup(request):
     form = UserLookupForm()