qwik icon indicating copy to clipboard operation
qwik copied to clipboard
verified publisher icon QwikDev

docs: add qwik-auth route protection example

Open ulic75 opened this issue 2 years ago • 1 comments

What is it?

  • [ ] Feature / enhancement
  • [ ] Bug
  • [x] Docs / tests / types / typos

Description

Add an example of how to provide route protection

Checklist:

  • [x] My code follows the developer guidelines of this project
  • [x] I have performed a self-review of my own code
  • [ ] I have made corresponding changes to the documentation
  • [ ] Added new tests to cover the fix / functionality

ulic75 avatar May 08 '23 21:05 ulic75

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

bolt-new-by-stackblitz[bot] avatar May 08 '23 21:05 bolt-new-by-stackblitz[bot]

Seems like a good idea. I'm out of town for a while.

On Wed, May 17, 2023, 12:30 roman zanettin @.***> wrote:

@.**** commented on this pull request.

In packages/docs/src/routes/docs/integrations/authjs/index.mdx https://github.com/BuilderIO/qwik/pull/4119#discussion_r1196970887:

@@ -230,3 +230,18 @@ AUTH_SECRET=

  1. The application is now ready to impliment authentication using Auth.js.
  2. Enjoy!

+### Route Protection + +Session data can be accessed via the route event.sharedMap. So a route can be protected and redirect using something like this located in a layout.tsx or page index.tsx: + +```tsx +export const onRequest: RequestHandler = (event) => {

  • const session: Session | null = event.sharedMap.get('session');
  • if (!session || new Date(session.expires) < new Date()) {
  • throw event.redirect(302, /api/auth/signin?callbackUrl=${event.url.href});
  • } +}; +```

+> Note: If placed in a layout.tsx ensure that the redirect destination does not share the same layout.tsx or a redirection loop could occur.

thank you @ulic75 https://github.com/ulic75 🙏 should we check the current location as well on the expression to avoid a potential loop? like when you're already on the sign in page, do not redirect?

— Reply to this email directly, view it on GitHub https://github.com/BuilderIO/qwik/pull/4119#pullrequestreview-1431418189, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLBN3BC7TPWXLADIA3E2QTXGURNZANCNFSM6AAAAAAX2XM5IU . You are receiving this because you were mentioned.Message ID: @.***>

ulic75 avatar May 17 '23 20:05 ulic75

This was a great help to me...took me a while to find this since it's still an open PR. But it works as expected for my route protections. I'm using a narrow layout-app.tsx and the [email protected] convention and it appears to work correctly.

KaizenProgrammer avatar May 31 '23 19:05 KaizenProgrammer

Hi @ulic75 wave imo we could merge this. objections?

Yeah, let's do it.

ulic75 avatar Jun 03 '23 18:06 ulic75