owltide/middleware/authenticated.ts

export default defineNuxtRouteMiddleware(async (to, from) => {
	const accountStore = useAccountStore();

	if (!accountStore.valid) {
		console.log("Not logged in, redirecting to /login");
		return navigateTo("/login");
	}

	if (
		to.meta.allowedAccountTypes
		&& !to.meta.allowedAccountTypes.includes(accountStore.type!)
	) {
		throw createError({
			status: 403,
			statusMessage: "Forbidden",
			message: "You are not allowed to access this resource.",
		})
	}
})
Fix server redirectng to login when logged in When rendering on the server the session is not eagerly loaded when the authenticated middleware runs, causing it to think the user is not logged in. Fix by awaiting the session composable. 2025-03-09 15:51:00 +01:00			`export default defineNuxtRouteMiddleware(async (to, from) => {`
Use a pinia store to manage account state Refactor the existing scattered code dealing with the account state into a pinia store. 2025-05-24 20:01:23 +02:00			`const accountStore = useAccountStore();`
Move push notification setting to separate page Set up a dedicated Account Setttings page to hold account specific settings such as the push notifications. 2025-03-07 18:43:24 +01:00
Use a pinia store to manage account state Refactor the existing scattered code dealing with the account state into a pinia store. 2025-05-24 20:01:23 +02:00			`if (!accountStore.valid) {`
Move push notification setting to separate page Set up a dedicated Account Setttings page to hold account specific settings such as the push notifications. 2025-03-07 18:43:24 +01:00			`console.log("Not logged in, redirecting to /login");`
			`return navigateTo("/login");`
			`}`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00
			`if (`
			`to.meta.allowedAccountTypes`
Use a pinia store to manage account state Refactor the existing scattered code dealing with the account state into a pinia store. 2025-05-24 20:01:23 +02:00			`&& !to.meta.allowedAccountTypes.includes(accountStore.type!)`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00			`) {`
			`throw createError({`
			`status: 403,`
			`statusMessage: "Forbidden",`
			`message: "You are not allowed to access this resource.",`
			`})`
			`}`
Move push notification setting to separate page Set up a dedicated Account Setttings page to hold account specific settings such as the push notifications. 2025-03-07 18:43:24 +01:00			`})`