From 8a6a52713b74df9fc615462a72d5bdbefd389077 Mon Sep 17 00:00:00 2001
From: Bryan Brancotte <bryan.brancotte@pasteur.fr>
Date: Fri, 30 Aug 2019 15:20:45 +0200
Subject: [PATCH] Prevent account creation when authenticated

---
 basetheme_bootstrap/views.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/basetheme_bootstrap/views.py b/basetheme_bootstrap/views.py
index 4c6f4e5..d8bc3b7 100644
--- a/basetheme_bootstrap/views.py
+++ b/basetheme_bootstrap/views.py
@@ -9,6 +9,7 @@ from django.contrib.auth.forms import PasswordChangeForm
 from django.core.mail import send_mail
 from django.db.models import ProtectedError
 from django.forms import widgets
+from django.http import HttpResponseForbidden
 from django.shortcuts import render, redirect
 from django.template import TemplateDoesNotExist
 from django.utils.translation import ugettext
@@ -49,6 +50,8 @@ def change_password(request):
 
 
 def signup(request):
+    if not request.user.is_anonymous:
+        return HttpResponseForbidden()
     if request.method == 'POST':
         form = UserCreationFormWithMore(request.POST)
         if form.is_valid():
-- 
GitLab