/-/auth-token as root redirects to /, closes #2375

2025-12-10 16:51:24 +01:00 · 2024-07-26 14:09:20 -07:00 · 2024-07-26 14:09:20 -07:00 · 81b68a143a
commit 81b68a143a
parent feccfa2a4d
2 changed files with 9 additions and 0 deletions
--- a/datasette/views/special.py
+++ b/datasette/views/special.py
@ -75,6 +75,9 @@ class AuthTokenView(BaseView):
    has_json_alternate = False

    async def get(self, request):
+        # If already signed in as root, redirect
+        if request.actor and request.actor.get("id") == "root":
+            return Response.redirect(self.ds.urls.instance())
        token = request.args.get("token") or ""
        if not self.ds._root_token:
            raise Forbidden("Root token has already been used")