Users that are already logged in (i.e. through a password reset) should be forwarded to the dashboard ONLY if they have permission, otherwise, send them back to the index page

src/ServicesProvider/ServicesProvider.php

@@ -47,6 +47,35 @@ class ServicesProvider
             return $classMapper;
         });
 
+        /*
+         * Returns a callback that forwards to dashboard if user is already logged in.
+         *
+         * @return callable
+         */
+        $container['redirect.onAlreadyLoggedIn'] = function ($c) {
+            /*
+             * This method is invoked when a user attempts to perform certain public actions when they are already logged in.
+             *
+             * @todo Forward to user's landing page or last visited page
+             * @param  \Psr\Http\Message\ServerRequestInterface $request
+             * @param  \Psr\Http\Message\ResponseInterface      $response
+             * @param  array                                    $args
+             * @return \Psr\Http\Message\ResponseInterface
+             */
+            return function (Request $request, Response $response, array $args) use ($c) {
+                /** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
+                $authorizer = $c->authorizer;
+
+                $currentUser = $c->authenticator->user();
+
+                if ($authorizer->checkAccess($currentUser, 'uri_dashboard')) {
+                    return $response->withHeader('UF-Redirect', $c->router->pathFor('dashboard'));
+                } else {
+                    return $response->withHeader('UF-Redirect', $c->router->pathFor('index'));
+                }
+            };
+        };
+
         /*
          * Returns a callback that handles setting the `UF-Redirect` header after a successful login.
          *