From 2aa64f7360ec9fa66a2be1868ddcc7aa8abea71d Mon Sep 17 00:00:00 2001
From: Sarah Vaupel <sarah.vaupel@uniworx.de>
Date: Thu, 14 Mar 2024 19:20:37 +0100
Subject: [PATCH] feat(sso): redirect to login when auto-sign-on is enabled and
 user is not authenticated

---
 src/Foundation/SiteLayout.hs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/Foundation/SiteLayout.hs b/src/Foundation/SiteLayout.hs
index 46d3f9272..3275485a2 100644
--- a/src/Foundation/SiteLayout.hs
+++ b/src/Foundation/SiteLayout.hs
@@ -156,6 +156,10 @@ siteLayout' overrideHeading widget = do
   --             isParent r = r == (fst parents)
 
   isAuth <- isJust <$> maybeAuthId
+
+  when (appAutoSignOn && not isAuth) $ do
+    $logDebugS "AutoSignOn" "AutoSignOn is enabled in AppSettings and user is not authenticated"
+    redirect $ AuthR LoginR
   
   now <- liftIO getCurrentTime