Initial fix

ihatemoney/static/css/main.css

@@ -645,3 +645,8 @@ footer .icon svg {
 .edit-project .custom-file {
   margin-bottom: 2em;
 }
+
+.connected-projects {
+  a {
+  }
+}

ihatemoney/templates/home.html

@@ -33,6 +33,20 @@
 </header>
 <main class="row home">
   <div class="card-deck ml-auto mr-auto">
+  {% if 'projects' in session %}
+    <div class="card">
+      <div class="card-header">
+        {{ _("Open a project in your current session") }}
+      </div>
+      <div class="card-body">
+        <ul class="connected-projects">
+          {% for id, name in session['projects'].items() %}
+            <li><a href="{{ url_for("main.list_bills", project_id=id )}}">{{name}}</a>
+          {% endfor %}
+        </ul>
+      </div>
+    </div>
+    {% endif %}
     <div class="card">
       <div class="card-header">
         {{ _("Log in to an existing project") }}

ihatemoney/tests/api_test.py

@@ -6,6 +6,7 @@ import pytest
 
 from ihatemoney.tests.common.help_functions import em_surround
 from ihatemoney.tests.common.ihatemoney_testcase import IhatemoneyTestCase
+from flask import session
 
 
 class TestAPI(IhatemoneyTestCase):
@@ -1079,3 +1080,29 @@ class TestAPI(IhatemoneyTestCase):
         # Bill type should now be "Expense"
         got = json.loads(req.data.decode("utf-8"))
         assert got["bill_type"] == "Expense"
+
+    def test_get_auth(self):
+        """
+        Redirects to logged in projects
+        """
+        self.create_project("test-project")
+        self.login("test-project")
+
+    def test_post_auth_wrong_password(self):
+        """
+        Rejects wrong passwords for projects
+        in the session
+        """
+        self.create_project("project1", password="a")
+        self.login("project1", "a")
+
+        print(session["projects"])
+        
+
+    def test_post_auth_correct_password(self):
+        """
+        Accepts correct passwords for projects
+        in the session
+        """
+        pass
+

ihatemoney/web.py

@@ -258,6 +258,7 @@ def join_project(token):
 def authenticate(project_id=None):
     """Authentication form"""
     form = AuthenticationForm()
+    is_post_auth = request.method == "POST" and form.validate()
 
     if not form.id.data and request.args.get("project_id"):
         form.id.data = request.args["project_id"]
@@ -271,13 +272,12 @@ def authenticate(project_id=None):
             "authenticate.html", form=form, create_project=project_id
         )
     
-    # if credentials are already in session, redirect
+    # if credentials are already in session and no password is provided, redirect
-    if session.get(project_id):
+    if session.get(project_id) and not is_post_auth:
         setattr(g, "project", project)
         return redirect(url_for(".list_bills"))
 
     # else do form authentication authentication
-    is_post_auth = request.method == "POST" and form.validate()
     if is_post_auth and check_password_hash(project.password, form.password.data):
         set_authorized_project(project)
         setattr(g, "project", project)
@@ -290,6 +290,7 @@ def authenticate(project_id=None):
 
 
 def get_project_form():
+    fancy = {'complexity':'Cyclo. compl.', 'churn': 'Churn', 'comments_ratio': 'Ratio', 'loc': 'LOC', 'dit': 'DIT', 'cbo': 'CBO', 'vulns': 'Vuln.', 'smells': 'Smells'}
     if current_app.config.get("ENABLE_CAPTCHA", False):
         return ProjectFormWithCaptcha()
     return ProjectForm()