If a user visiting /login is already authenticated, bounce them away. This is me trying to avoid hassle for people who bookmarked the login page.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4458 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
Cory McWilliams 2023-09-11 16:52:17 +00:00
parent 85ac6c215a
commit 2b94704916

View File

@ -116,12 +116,20 @@ function getCookies(headers) {
function handler(request, response) { function handler(request, response) {
let session = getCookies(request.headers).session; let session = getCookies(request.headers).session;
if (request.uri == "/login") { if (request.uri == "/login") {
let formData = form.decodeForm(request.query);
if (query(request.headers)?.permissions?.authenticated) {
if (formData.return) {
response.writeHead(303, {"Location": formData.return});
} else {
response.writeHead(303, {"Location": (request.client.tls ? 'https://' : 'http://') + request.headers.host + '/', "Content-Length": "0"});
}
response.end();
return;
}
let sessionIsNew = false; let sessionIsNew = false;
let loginError; let loginError;
let formData = form.decodeForm(request.query);
print(request.method, utf8Decode(request.body), JSON.stringify(formData));
if (request.method == "POST" || formData.submit) { if (request.method == "POST" || formData.submit) {
sessionIsNew = true; sessionIsNew = true;
formData = form.decodeForm(utf8Decode(request.body), formData); formData = form.decodeForm(utf8Decode(request.body), formData);