The problems come when you have a user who lacks the necessary permissions and so has been sent back to the login form to log in as a different user. Your extension will cause an infinite loop. It's an example of the difficulties of fiddling with this behaviour.
Arguably, users who are already logged in shouldn't be sent to the log-in screen: they should be send to a screen that says "you don't have access" and provides a button to log out and then log in as a new user. This would be a modification to Security::permissionFailure(). If we made that change, then we wouldn't risk infinite loops from the change you propose.
If we wanted to improve this, I'd suggest:
- thinking through all the edge-cases and deciding what the best improvement of the whole system is
- making the change in the master branch, as it's a risky thing to change
Thanks,
Sam