From e1c47e8bf60be289ca460525227779e7e7d04433 Mon Sep 17 00:00:00 2001
From: Ethan Dalool <git@voussoir.net>
Date: Sun, 25 Jun 2023 21:13:52 -0700
Subject: [PATCH] Minor decorator fix.

---
 frontends/etiquette_flask/backend/common.py   | 7 +++++--
 frontends/etiquette_flask/backend/sessions.py | 4 ++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/frontends/etiquette_flask/backend/common.py b/frontends/etiquette_flask/backend/common.py
index da7e13e..4365078 100644
--- a/frontends/etiquette_flask/backend/common.py
+++ b/frontends/etiquette_flask/backend/common.py
@@ -99,8 +99,11 @@ def before_request():
     if site.localhost_only and not request.is_localhost:
         return flask.abort(403)
 
-    # Since we don't define this route, I can't just add this where it belongs.
-    # Sorry.
+    if request.url_rule is None:
+        return flask.abort(404)
+
+    # Since we don't define this route (/static/ is a default from flask),
+    # I can't just add this where it belongs. Sorry.
     if request.url_rule.rule == '/static/<path:filename>':
         permission_manager.global_public()
 
diff --git a/frontends/etiquette_flask/backend/sessions.py b/frontends/etiquette_flask/backend/sessions.py
index a21730e..816e3e3 100644
--- a/frontends/etiquette_flask/backend/sessions.py
+++ b/frontends/etiquette_flask/backend/sessions.py
@@ -63,6 +63,10 @@ class SessionManager:
         # Send the token back to the client
         # but only if the endpoint didn't manually set the cookie.
         function_cookies = response.headers.get_all('Set-Cookie')
+
+        if not hasattr(request, 'session') or not request.session:
+            return response
+
         if not any('etiquette_session=' in cookie for cookie in function_cookies):
             response.set_cookie(
                 'etiquette_session',