From f1e16fbc525d1a46fb0c670fb6ff7abb7f36b1b4 Mon Sep 17 00:00:00 2001 From: H3ALY Date: Tue, 28 Oct 2025 22:26:15 +0000 Subject: [PATCH] =?UTF-8?q?Logged-in=20users=20don=E2=80=99t=20see=20login?= =?UTF-8?q?/signup=20pages?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/http/middleware/auth.go | 15 +++++++++++++++ internal/http/routes/accountroutes.go | 11 +++++++---- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/internal/http/middleware/auth.go b/internal/http/middleware/auth.go index f97a7d8..e09c4b1 100644 --- a/internal/http/middleware/auth.go +++ b/internal/http/middleware/auth.go @@ -103,3 +103,18 @@ func RequireAuth() gin.HandlerFunc { c.Next() } } + +// Redirects authenticated users away from public auth pages. +func PublicOnly() gin.HandlerFunc { + return func(c *gin.Context) { + app := c.MustGet("app").(*bootstrap.App) + sm := app.SessionManager + + if sm.Exists(c.Request.Context(), sessionkeys.UserID) { + c.Redirect(http.StatusSeeOther, "/") + c.Abort() + return + } + c.Next() + } +} diff --git a/internal/http/routes/accountroutes.go b/internal/http/routes/accountroutes.go index 3e6ad6f..049ca49 100644 --- a/internal/http/routes/accountroutes.go +++ b/internal/http/routes/accountroutes.go @@ -11,10 +11,13 @@ func RegisterAccountRoutes(app *bootstrap.App) { r := app.Router acc := r.Group("/account") - acc.GET("/login", accountHandlers.LoginGet) - acc.POST("/login", accountHandlers.LoginPost) - acc.GET("/signup", accountHandlers.SignupGet) - acc.POST("/signup", accountHandlers.SignupPost) + acc.Use(middleware.PublicOnly()) + { + acc.GET("/login", accountHandlers.LoginGet) + acc.POST("/login", accountHandlers.LoginPost) + acc.GET("/signup", accountHandlers.SignupGet) + acc.POST("/signup", accountHandlers.SignupPost) + } // Protected logout accAuth := r.Group("/account")