From 366c3b13a704cf2a970c715f6c86d3fecb0fae1a Mon Sep 17 00:00:00 2001
From: FmaresWGU
Date: Wed, 29 Apr 2026 15:16:50 -0700
Subject: [PATCH] Fix auth redirect on landing page and inconsistent auth state
Returning authenticated users hitting / were served the marketing landing page instead of being redirected to dashboard. Separately, get_current_user() only checked user_id in session without validating token expiry, causing /auth/status to report authenticated while upload endpoints returned 401 for sessions with expired tokens.
Closes #18
---
 backend/auth/decorators.py | 6 ++++
 .../react-ts/src/pages/LandingPage.tsx | 31 +++++++++++++++++++
 2 files changed, 37 insertions(+)
diff --git a/backend/auth/decorators.py b/backend/auth/decorators.py
index eabda8d..67b4a5f 100644
--- a/backend/auth/decorators.py
+++ b/backend/auth/decorators.py
@@ -67,6 +67,12 @@ def get_current_user():
 if 'user_id' not in session:
 return None
+ if 'access_token_expires' in session:
+ expires_at = datetime.fromisoformat(session['access_token_expires'])
+ if datetime.utcnow() > expires_at:
+ if not refresh_access_token():
+ return None
+
 return {
 'user_id': session.get('user_id'),
 'user_email': session.get('user_email'),
diff --git a/frontend-vite/react-ts/src/pages/LandingPage.tsx b/frontend-vite/react-ts/src/pages/LandingPage.tsx
index 6a89f78..33ea35c 100644
--- a/frontend-vite/react-ts/src/pages/LandingPage.tsx
+++ b/frontend-vite/react-ts/src/pages/LandingPage.tsx
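Review bot: The expiry check added to get_current_user() runs only when 'access_token_expires' is present, so a session that holds 'user_id' without that key is still returned as authenticated, and a malformed or timezone-aware stored value makes `datetime.fromisoformat(...)` or the comparison with the naive `datetime.utcnow()` raise rather than return None. Failing closed on a missing or unparsable expiry, as sketched below, keeps /auth/status consistent with the protected endpoints; this assumes the login path always stores the key, which the hunk does not show. The imports of `datetime` and `refresh_access_token` are also outside the hunk and need confirming, and the function continues past the hunk's last line.

```python
    # … unchanged: 'user_id' presence check …
    expires_raw = session.get('access_token_expires')
    if expires_raw is None:
        return None  # no expiry recorded: treat as unauthenticated
    try:
        expired = datetime.utcnow() > datetime.fromisoformat(expires_raw)
    except (TypeError, ValueError):
        return None  # unparsable or timezone-aware value: fail closed
    if expired and not refresh_access_token():
        return None
    # … unchanged: returned user dict …
```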
@@ -6,10 +6,41 @@ import {
 Upload,
 Cpu,
 } from 'lucide-react';
+import { useState, useEffect } from 'react';
+import { useNavigate } from 'react-router-dom';
+import axios from 'axios';
 import BarcodeWidget from '../components/BarcodeWidget';
 import Navbar from '../components/Navbar';
 function LandingPage() {
+ const [authLoading, setAuthLoading] = useState(true);
+ const navigate = useNavigate();
+ const API_URL = import.meta.env.VITE_API_URL || 'http://localhost:5000';
+
+ useEffect(() => {
+ const checkAuthStatus = async () => {
+ try {
+ const response = await axios.get(`${API_URL}/auth/status`, { withCredentials: true });
+ if (response.data.authenticated) {
+ navigate('/dashboard', { replace: true });
+ } else {
+ setAuthLoading(false);
+ }
+ } catch {
+ setAuthLoading(false);
+ }
+ };
+ checkAuthStatus();
+ }, []);
+
+ if (authLoading) {
+ return (
+
+
+
+ );
+ }
+
 return (