fix: redirect logged-in users from login page to dashboard

[sputnik-mac]

Summary

When a user with an active session navigates to /login (e.g., by clicking "Get Started" on the homepage), they currently see the login form even though they're already authenticated. This is confusing since their session is valid.

Changes

src/app/login/LoginPage.tsx: Added auth check using the existing useLoginQuery hook. If the user is already logged in, they are redirected to / (which routes to their dashboard). While loading/redirecting, a loading indicator is shown instead of the login form.

How it works

1. useLoginQuery calls POST /auth/verify — this validates the token server-side
2. If valid → router.replace('/') redirects to dashboard
3. If invalid/expired → login form renders as before (no behavior change)

Fixes #4094

[vercel]

@sputnik-mac is attempting to deploy a commit to the Umami Software Team on Vercel.

A member of the Team first needs to authorize it.

[greptile-apps]

Greptile Summary

This PR fixes a UX issue where already-authenticated users navigating to /login would see the login form despite having a valid session. The fix adds an auth check to LoginPage using the existing useLoginQuery hook, showing a loading indicator while verifying and redirecting to / if the session is valid.

• Uses the pre-existing useLoginQuery (which calls POST /auth/verify) — no new API surface introduced
• Correctly handles all three states: user already in the app store (immediate redirect), valid token verified server-side (redirect after query resolves), and no valid token (login form renders as before)
• In React Query v5, isLoading is false when the query is disabled (enabled: !user) — but the user branch of isLoading || user correctly covers that case, so the loading screen always shows during redirect
• Unauthenticated users will see a brief loading flash while the /auth/verify request is in flight; this is a minor, acceptable trade-off for the improved authenticated-user experience

Confidence Score: 5/5

• Safe to merge — the change is minimal, uses well-established patterns already present in the codebase, and does not alter behaviour for unauthenticated users.
• Single-file change that reuses an existing, widely-used hook (useLoginQuery). All three authentication states (user in store, valid token, invalid/no token) are handled correctly. No new API calls, no new state, and the fallback path (unauthenticated → login form) is unchanged.
• No files require special attention.

Important Files Changed

Filename	Overview
src/app/login/LoginPage.tsx	Adds auth check using the existing useLoginQuery hook; shows a loading indicator while verifying, redirects authenticated users to /, and renders the login form unchanged for unauthenticated users. Logic is correct across all three states (user in store, valid token, invalid/no token).

Sequence Diagram

sequenceDiagram
    participant U as User (Browser)
    participant LP as LoginPage
    participant LQ as useLoginQuery
    participant API as POST /auth/verify
    participant Store as App Store

    U->>LP: Navigate to /login
    LP->>LQ: Call useLoginQuery()
    LQ->>Store: Read user from app store

    alt User already in store
        Store-->>LQ: user (truthy)
        LQ-->>LP: { user, isLoading: false }
        LP->>U: Render <Loading />
        LP->>U: router.replace('/') [useEffect]
    else User NOT in store
        Store-->>LQ: null
        LQ->>API: POST /auth/verify (token from cookie/header)
        LP->>U: Render <Loading /> (isLoading: true)

        alt Token valid
            API-->>LQ: user data
            LQ->>Store: setUser(data)
            LQ-->>LP: { user, isLoading: false }
            LP->>U: Render <Loading /> (user truthy)
            LP->>U: router.replace('/') [useEffect]
        else Token invalid / no token
            API-->>LQ: 401 error
            LQ-->>LP: { user: null, isLoading: false }
            LP->>U: Render <LoginForm />
        end
    end

Loading

_{Reviews (1): Last reviewed commit: "fix: redirect logged-in users from login..." | Re-trigger Greptile}