From 0b62df2bb47ca7f4d79ad69096b69f4521fb3ef3 Mon Sep 17 00:00:00 2001
From: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
Date: Thu, 11 Apr 2024 13:48:20 +0200
Subject: [PATCH] Add "UserIsAlreadyLoggedIn" property to BackOfficeLoginModel
 (#16034)

---
 .../Controllers/BackOfficeLoginController.cs  | 20 ++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/src/Umbraco.Cms.Api.Management/Controllers/BackOfficeLoginController.cs b/src/Umbraco.Cms.Api.Management/Controllers/BackOfficeLoginController.cs
index 9cb134e9a9..c0c3fc14bf 100644
--- a/src/Umbraco.Cms.Api.Management/Controllers/BackOfficeLoginController.cs
+++ b/src/Umbraco.Cms.Api.Management/Controllers/BackOfficeLoginController.cs
@@ -1,13 +1,14 @@
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Hosting;
 
 namespace Umbraco.Cms.Api.Management;
 
 [BindProperties]
-public class
-    BackOfficeLoginModel
+public class BackOfficeLoginModel
 {
     /// <summary>
     /// Gets or sets the value of the "ReturnUrl" query parameter or defaults to the configured Umbraco directory.
@@ -19,6 +20,8 @@ public class
     /// The configured Umbraco directory.
     /// </summary>
     public string? UmbracoUrl { get; set; }
+
+    public bool UserIsAlreadyLoggedIn { get; set; }
 }
 
 [ApiExplorerSettings(IgnoreApi=true)]
@@ -38,13 +41,24 @@ public class BackOfficeLoginController : Controller
     }
 
     // GET
-    public IActionResult Index(CancellationToken cancellationToken, BackOfficeLoginModel model)
+    public async Task<IActionResult> Index(CancellationToken cancellationToken, BackOfficeLoginModel model)
     {
+        AuthenticateResult cookieAuthResult = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType);
+        if (cookieAuthResult.Succeeded)
+        {
+            model.UserIsAlreadyLoggedIn = true;
+        }
+
         if (string.IsNullOrEmpty(model.UmbracoUrl))
         {
             model.UmbracoUrl = _hostingEnvironment.ToAbsolute(_globalSettings.UmbracoPath);
         }
 
+        if (Uri.TryCreate(model.ReturnUrl, UriKind.Absolute, out _))
+        {
+            return BadRequest("ReturnUrl must be a relative path.");
+        }
+
         if (string.IsNullOrEmpty(model.ReturnUrl))
         {
             model.ReturnUrl = model.UmbracoUrl;