wtf
Unused s.requireNoAuth?
The requireNoAuth middleware should redirect users to the homepage if they are already logged in.
https://github.com/benbjohnson/wtf/blob/05bc90c940d5f9e2490fc93cf467d9e8aa48ad63/http/server.go#L111-L116
But if they are required not to be logged in, how can they issue a logout, since the route is protected by the requireNoAuth middleware?
https://github.com/benbjohnson/wtf/blob/05bc90c940d5f9e2490fc93cf467d9e8aa48ad63/http/auth.go#L19-L24
My guess is that the mux subrouter doesn't authenticate the user (note the s.router.PathPrefix("/") and not router.PathPrefix("/")), so the requireNoAuth always delegates to the next handler, thus no restrictions are actually in place.
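
Added example, not part of the original issue and not the wtf project's code: a standard-library Go program showing how a "no auth" guard becomes a no-op when the middleware that loads the user is not in the same chain. It assumes the guard decides from a user stored in the request context by an earlier middleware; `authenticate`, `ctxKey`, `statusFor`, the `session` cookie and the `/logout` path are hypothetical names, and only `requireNoAuth` is borrowed from the issue.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type ctxKey struct{} // hypothetical context key for the logged-in user

// authenticate stands in for session loading (assumption): it copies the
// value of a constructed "session" cookie into the request context.
func authenticate(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if c, err := r.Cookie("session"); err == nil && c.Value != "" {
			r = r.WithContext(context.WithValue(r.Context(), ctxKey{}, c.Value))
		}
		next.ServeHTTP(w, r)
	})
}

// requireNoAuth redirects to "/" only when the context already holds a user.
func requireNoAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if u, _ := r.Context().Value(ctxKey{}).(string); u != "" {
			http.Redirect(w, r, "/", http.StatusFound)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// logout is a placeholder handler that just answers 200.
var logout = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	w.WriteHeader(http.StatusOK)
})

// statusFor sends a request that carries a session cookie through h.
func statusFor(h http.Handler) int {
	req := httptest.NewRequest(http.MethodGet, "/logout", nil)
	req.AddCookie(&http.Cookie{Name: "session", Value: "user-1"}) // constructed
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("guard only:", statusFor(requireNoAuth(logout)))
	fmt.Println("authenticate + guard:", statusFor(authenticate(requireNoAuth(logout))))
}
```

With the guard alone, the logged-in request reaches the handler; with `authenticate` ahead of it in the chain, the same request is redirected and never reaches logout.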