From 4cd6fe8a5667efd195a96e50eb2be7ed1ee26196 Mon Sep 17 00:00:00 2001
From: NGPixel <github@ngpixel.com>
Date: Sun, 19 Jul 2020 15:30:29 -0400
Subject: [PATCH] fix: unauthorized admin should receive 403 code

---
 server/controllers/common.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/controllers/common.js b/server/controllers/common.js
index 338ae5fe..4dc0a112 100644
--- a/server/controllers/common.js
+++ b/server/controllers/common.js
@@ -47,7 +47,7 @@ router.get(['/a', '/a/*'], (req, res, next) => {
     'manage:api'
   ])) {
     _.set(res.locals, 'pageMeta.title', 'Unauthorized')
-    return res.render('unauthorized', { action: 'view' })
+    return res.status(403).render('unauthorized', { action: 'view' })
   }
 
   _.set(res.locals, 'pageMeta.title', 'Admin')