Hi, is there a way to implement a

withoutAuthRequired

? My logic is- -

/login

should be shown only if a user is not authenticated - If a user is authenticated then

/login

should redirect to

/home

-

/home

should be shown only if a user is authenticated - If a user is not authenticated then

/home

should redirect to

/login

The last two points can use

withAuthRequired

. How can the first two points be implemented?

Hello @sbr! This thread has been automatically created from your message in #843999948717555735 a ``few seconds ago``. Pinging @User so that they see this as well! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ... menu) and select Leave Thread to unsubscribe from future updates. Want to change the title? Use the

/title

command! We have solved your problem? Click the button below to archive it.

for this I would do the same as I what I did with the

withMiddlewareAuthRequired

function I contributed, copy the code from

withAuthRequired

and modify it to redirect the user if a session is detected. Good candidate for your own PR as well. Can cut out most of the cookie validation logic too I believe, just need to check to see if the cookies are set to begin with and possibly whether they are expired. If the auth and refresh cookies exist, and they aren't expired, bounce the user. If auth is expired, try refreshing it and then bounce. If both are invalid/non-existent, allow the request to continue to the requested route

withoutAuthRequired?

@User thanks for your points. Makes a lot of sense