From b59e4cadaaa0b77baacaf8bf3c98d8159714172c Mon Sep 17 00:00:00 2001
From: justcool393 <justcool393@gmail.com>
Date: Wed, 30 Nov 2022 10:49:15 -0600
Subject: [PATCH] login: don't allow logged in users to attempt to login

---
 files/routes/login.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/files/routes/login.py b/files/routes/login.py
index 48dedfcc8..92b4a26a6 100644
--- a/files/routes/login.py
+++ b/files/routes/login.py
@@ -37,9 +37,10 @@ def login_deduct_when(resp):
 	return g.login_failed
 
 @app.post("/login")
+@auth_desired
 @limiter.limit("6/minute;10/day", deduct_when=login_deduct_when)
-def login_post():
-	template = ''
+def login_post(v:Optional[User]):
+	if v: abort(400)
 	g.login_failed = True
 
 	username = request.values.get("username")