diff options
| -rw-r--r-- | app/controllers/sessions/controller.go | 5 | ||||
| -rw-r--r-- | app/controllers/sessions/controller_test.go | 16 |
2 files changed, 21 insertions, 0 deletions
diff --git a/app/controllers/sessions/controller.go b/app/controllers/sessions/controller.go index 2853358..898244c 100644 --- a/app/controllers/sessions/controller.go +++ b/app/controllers/sessions/controller.go @@ -93,6 +93,11 @@ When it is decoded it has the following form: ``` */ func (c *Controller) Create(w http.ResponseWriter, r *http.Request) { + if middleware.IsLoggedIn(r) { + http.Redirect(w, r, "/dashboard", http.StatusFound) + return + } + tokens, err := c.svc.Exchange(r) if err != nil { pls.LogError(r.Context(), err) diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go index 00e3f4e..b3e1d56 100644 --- a/app/controllers/sessions/controller_test.go +++ b/app/controllers/sessions/controller_test.go @@ -110,6 +110,22 @@ func TestSessions(t *testing.T) { assert.Equal(t, http.StatusBadRequest, w.Code) }) + t.Run("when already logged in", func(t *testing.T) { + t.Run("redirects to the dashboard", func(t *testing.T) { + user := &domain.User{} + r, w := test.RequestResponse( + "GET", + "/session/callback?code=valid", + test.WithContextKeyValue(t.Context(), xcfg.CurrentUser, user), + ) + + mux.ServeHTTP(w, r) + + require.Equal(t, http.StatusFound, w.Code) + assert.Equal(t, "/dashboard", w.Header().Get("Location")) + }) + }) + t.Run("with a valid authorization code grant", func(t *testing.T) { user := mockoidc.DefaultUser() code := srv.CreateAuthorizationCodeFor(user) |