fix: redirect to dashboard when already logged in at callback url

2 files changed, 21 insertions, 0 deletions

diff --git a/app/controllers/sessions/controller.go b/app/controllers/sessions/controller.go
index 2853358..898244c 100644
--- a/app/controllers/sessions/controller.go
+++ b/app/controllers/sessions/controller.go
@@ -93,6 +93,11 @@ When it is decoded it has the following form:
 ```
 */
 func (c *Controller) Create(w http.ResponseWriter, r *http.Request) {
+	if middleware.IsLoggedIn(r) {
+		http.Redirect(w, r, "/dashboard", http.StatusFound)
+		return
+	}
+
 	tokens, err := c.svc.Exchange(r)
 	if err != nil {
 		pls.LogError(r.Context(), err)
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index 00e3f4e..b3e1d56 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -110,6 +110,22 @@ func TestSessions(t *testing.T) {
 			assert.Equal(t, http.StatusBadRequest, w.Code)
 		})
 
+		t.Run("when already logged in", func(t *testing.T) {
+			t.Run("redirects to the dashboard", func(t *testing.T) {
+				user := &domain.User{}
+				r, w := test.RequestResponse(
+					"GET",
+					"/session/callback?code=valid",
+					test.WithContextKeyValue(t.Context(), xcfg.CurrentUser, user),
+				)
+
+				mux.ServeHTTP(w, r)
+
+				require.Equal(t, http.StatusFound, w.Code)
+				assert.Equal(t, "/dashboard", w.Header().Get("Location"))
+			})
+		})
+
 		t.Run("with a valid authorization code grant", func(t *testing.T) {
 			user := mockoidc.DefaultUser()
 			code := srv.CreateAuthorizationCodeFor(user)