From 6dc4434e51addfd963710bd38ec540a4a590d6b5 Mon Sep 17 00:00:00 2001
From: SKairinos <stefan.kairinos@ocado.com>
Date: Thu, 13 Jun 2024 18:05:45 +0000
Subject: [PATCH] fix csrf and login redirect to dashboard

---
 src/api/index.ts          |  6 +++++-
 src/pages/login/Login.tsx | 25 +++++++++++++++++++++++--
 yarn.lock                 |  2 +-
 3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/src/api/index.ts b/src/api/index.ts
index 6b3ea77..ea06ab2 100644
--- a/src/api/index.ts
+++ b/src/api/index.ts
@@ -24,7 +24,11 @@ const api = createApi({
   baseQuery: async (args, api, extraOptions) => {
     if (api.type === "mutation" && getCsrfCookie() === undefined) {
       // Get the CSRF token.
-      const { error } = await fetch({ url: "", method: "GET" }, api, {})
+      const { error } = await fetch(
+        { url: "/csrf/cookie", method: "GET" },
+        api,
+        {},
+      )
 
       // Validate we got the CSRF token.
       if (error !== undefined) {
diff --git a/src/pages/login/Login.tsx b/src/pages/login/Login.tsx
index 40e8d64..5cc90bc 100644
--- a/src/pages/login/Login.tsx
+++ b/src/pages/login/Login.tsx
@@ -1,10 +1,15 @@
-import type { FC } from "react"
+import { useEffect, type FC } from "react"
 import * as yup from "yup"
 
 import * as page from "codeforlife/components/page"
-import { useSearchParamEntries } from "codeforlife/hooks"
+import {
+  useNavigate,
+  useSearchParamEntries,
+  useSessionMetadata,
+} from "codeforlife/hooks"
 import { tryValidateSync } from "codeforlife/utils/schema"
 
+import { paths } from "../../router"
 import IndyForm from "./IndyForm"
 import * as studentForms from "./studentForms"
 import * as teacherForms from "./teacherForms"
@@ -20,6 +25,9 @@ export interface LoginProps {
 }
 
 const Login: FC<LoginProps> = ({ form }) => {
+  const sessionMetadata = useSessionMetadata()
+  const navigate = useNavigate()
+
   const searchParams = tryValidateSync(
     useSearchParamEntries(),
     yup.object({
@@ -27,6 +35,19 @@ const Login: FC<LoginProps> = ({ form }) => {
     }),
   )
 
+  useEffect(() => {
+    if (sessionMetadata && !sessionMetadata.auth_factors.length) {
+      navigate(
+        {
+          teacher: paths.teacher.dashboard.school._,
+          student: paths.student.dashboard._,
+          indy: paths.indy.dashboard._,
+        }[sessionMetadata.user_type],
+        { replace: true },
+      )
+    }
+  }, [sessionMetadata, navigate])
+
   return (
     <page.Page>
       {searchParams?.verifyEmail && (
diff --git a/yarn.lock b/yarn.lock
index 2ef81df..71eb04c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2576,7 +2576,7 @@ clsx@^2.1.0:
 
 "codeforlife@github:ocadotechnology/codeforlife-package-javascript#auth_flow":
   version "2.0.0"
-  resolved "https://codeload.github.com/ocadotechnology/codeforlife-package-javascript/tar.gz/182d467560528a7d64108e8a7d04ac76efedb2ba"
+  resolved "https://codeload.github.com/ocadotechnology/codeforlife-package-javascript/tar.gz/73814fa45fd15f8ea8f92a063163a8166980c549"
   dependencies:
     "@emotion/react" "^11.10.6"
     "@emotion/styled" "^11.10.6"