activist icon indicating copy to clipboard operation
activist copied to clipboard

Published 20 hours ago verified publisher icon activist-org

Protect frontend routes based on user logged in status

Open andrewtavis opened this issue 9 months ago • 1 comments

Terms

Description

Something that’s needed is to make sure that certain routes aren’t reachable given the status of the user. Specifically the following routes should be blocked if the user isn’t signed in:

  • /organizations/create
  • /groups/create
  • /events/create
  • /resources/create

Signed in users should also be redirected to /home if they navigate to auth pages directly via a URL. Beyond this we have the settings pages, which should be protected eventually, but only after they switch over from being template pages.

Suggestions for other pages that need attention would be welcome!

Contribution

I’ll likely work on this once we get the final routes decided and once there’s more connection between the front and back end.

andrewtavis avatar May 05 '24 09:05 andrewtavis

I imagine that protecting based on roles would also fall under here + simply doing things like only rendering certain components (or parts of components) based on whether user has certain roles

wkyoshida avatar May 09 '24 03:05 wkyoshida

Note from the sync: we can do an on mounted check and then directly route them to auth/sign-in if they for some reason don't have a token 🪙

andrewtavis avatar May 18 '24 17:05 andrewtavis

Hi, can I try to work on this feature, I have done some authentication/authorization in React but if it's possible I would like to try to implement it in VueJS as well. Thanks! :)

UnknownSean8 avatar May 27 '24 04:05 UnknownSean8

Sounds good, @UnknownSean8! This one would be more high priority than the map tooltip, so it'd be good if you'd try to get a solution for this up sooner. Let us know if there's anything we can do to help!

andrewtavis avatar May 27 '24 05:05 andrewtavis

@momanyisamuel and I are talking about this now :) The best way to do this would be to enable Pinia and have the middleware handle the routes and their respective protections.

andrewtavis avatar May 31 '24 18:05 andrewtavis

Ahhh, but the current pinia is not fully implemented yet right, I'll be implementing it? Thanks!

UnknownSean8 avatar May 31 '24 18:05 UnknownSean8

We're sending a base Pinia implementation in #891 :) We can talk more about this tomorrow 😊

andrewtavis avatar May 31 '24 18:05 andrewtavis

Okay! I'll try to attend if possible. As the time zone difference is pretty big rn as I'm back in my home country for a month. :/

UnknownSean8 avatar Jun 01 '24 09:06 UnknownSean8

Hii, I was looking into the commits just now, specifically 3cf5fb2c25159194f0ba354489bd690f6ee5b4a1, it seems like some of the routes have already been done. Maybe I could follow those implementations and do something similar for the other routes? 😬

UnknownSean8 avatar Jun 01 '24 13:06 UnknownSean8

Closed by #896 and 3cf5fb2 😊 Thanks, @UnknownSean8!

andrewtavis avatar Jun 09 '24 17:06 andrewtavis