Authenticated but can visit signup and home page
Opened this issue · 1 comments
teyim commented
Describe behavior
I can still access the home screen (the "/" route) even after login, which exposes the login and signup buttons on the navbar, allowing me to visit the signup page while already logged in.
Possible fix
Modify Route guard to prevent user from seeing the home page after being authenticated
PromiseFru commented
Hello @teyim,
Thank you for taking the time to report this issue.
Could you please provide more details regarding the specific vulnerabilities or threats that users may face as a result of this access? Additionally, if possible, could you explain how this could be exploited or cause harm? Any examples of how users may be negatively impacted would also be helpful.
We look forward to hearing back from you and continuing this discussion.