From 204c9905c4d264668f873a49c1333e819d3cbb2d Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Wed, 23 Oct 2019 23:27:52 +0100
Subject: [PATCH] Authorized default to inbox

---
 daemon.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/daemon.py b/daemon.py
index 191992c6..d3c006b6 100644
--- a/daemon.py
+++ b/daemon.py
@@ -613,9 +613,12 @@ class PubServer(BaseHTTPRequestHandler):
                 tokenStr=self.headers['Cookie'].split('=',1)[1]
                 if self.server.tokensLookup.get(tokenStr):
                     nickname=self.server.tokensLookup[tokenStr]
+                    # default to the inbox of the person
+                    if self.path=='/':
+                        self.path='/users/'+nickname+'/inbox'
                     # check that the path contains the same nickname as the cookie
                     # otherwise it would be possible to be authorized to use
-                    # an account you don't own
+                    # an account you don't own                    
                     if '/'+nickname+'/' in self.path:
                         return True
                     if self.path.endswith('/'+nickname):