X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=server%2Futils%2Faccess.js;h=2e2fa92d05144933749cd94c3dd95a608b6e7a1a;hb=5ea8d11307ef9e50bdd0b93708570976f3f6012e;hp=20f3f791ae554e55fd2f7ddf3952676ebd3df8bb;hpb=625022fdcf750f0aff8fcd699f7e9b89730e1d10;p=vchess.git
diff --git a/server/utils/access.js b/server/utils/access.js
index 20f3f791..2e2fa92d 100644
--- a/server/utils/access.js
+++ b/server/utils/access.js
@@ -6,7 +6,7 @@ module.exports =
 logged: function(req, res, next) {
 const callback = () => {
 if (!loggedIn)
- return res.redirect("/");
+ return res.json({errmsg: "Not logged in"});
 next();
 };
 let loggedIn = undefined;
@@ -28,8 +28,6 @@ module.exports =
 {
 // Token in cookies presumably wrong: erase it
 res.clearCookie("token");
- res.clearCookie("id");
- res.clearCookie("name");
 loggedIn = false;
 }
 callback();
@@ -42,13 +40,13 @@ module.exports =
 // Just a quick heuristic, which should be enough
 const loggedIn = !!req.cookies.token;
 if (loggedIn)
- return res.redirect("/");
+ return res.json({errmsg: "Already logged in"});
 next();
 },
 // Prevent direct access to AJAX results
 ajax: function(req, res, next) {
- if (!req.xhr)
+ if (!req.xhr)
 return res.json({errmsg: "Unauthorized access"});
 next();
 },
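Review bot: The new `res.json({errmsg: "Not logged in"})` in `logged` is sent with the default 200 status, so an authentication failure looks like a success to anything that keys on the status code (client request wrappers, proxies, access-log alerting). Setting the status explicitly keeps the JSON contract while making the failure visible: `return res.status(401).json({errmsg: "Not logged in"});`. The same applies to the `"Already logged in"` reply added in the third hunk, where 403 would presumably fit. The body of `logged` continues past the end of this hunk, so whether the client already depends on a 200 here cannot be seen from the diff.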
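Review bot: The comment on `ajax` says it prevents direct access, but `req.xhr` in Express only reports whether the request carried `X-Requested-With: XMLHttpRequest`, a header any client can set. The check is therefore a convenience filter rather than an access control, and the "Unauthorized access" message suggests otherwise. The `if (!req.xhr)` line is touched here (apparently whitespace only), so this is a good place to say so in the comment above it, e.g. `// Heuristic only: req.xhr reflects the client-supplied X-Requested-With header; protected routes still need the logged check`.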