If a user visiting /login is already authenticated, bounce them away. This is me trying to avoid hassle for people who bookmarked the login page.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4458 ed5197a5-7fde-0310-b194-c3ffbd925b24

core/auth.js

@@ -116,12 +116,20 @@ function getCookies(headers) {
 function handler(request, response) {
 	let session = getCookies(request.headers).session;
 	if (request.uri == "/login") {
+		let formData = form.decodeForm(request.query);
+		if (query(request.headers)?.permissions?.authenticated) {
+			if (formData.return) {
+				response.writeHead(303, {"Location": formData.return});
+			} else {
+				response.writeHead(303, {"Location": (request.client.tls ? 'https://' : 'http://') + request.headers.host + '/', "Content-Length": "0"});
+			}
+			response.end();
+			return;
+		}
+
 		let sessionIsNew = false;
 		let loginError;
 
-		let formData = form.decodeForm(request.query);
-
-		print(request.method, utf8Decode(request.body), JSON.stringify(formData));
 		if (request.method == "POST" || formData.submit) {
 			sessionIsNew = true;
 			formData = form.decodeForm(utf8Decode(request.body), formData);