public/owltide
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages 1 Wiki Activity Actions
owltide/middleware/authenticated.ts

29 lines
743 B
TypeScript
Raw Normal View History

License under AGPL version 3 or later I firmly believe in free software. The application I'm making here have capabilities that I've not seen in any system. It presents itself as an opportunity to collaborate on a tool that serves the people rather than corporations. Whose incentives are to help people rather, not make the most money. And whose terms ensure that these freedoms and incentives cannot be taken back or subverted. I license this software under the AGPL.
2025-06-30 18:58:24 +02:00
/*
SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
SPDX-License-Identifier: AGPL-3.0-or-later
*/
Fix server redirectng to login when logged in When rendering on the server the session is not eagerly loaded when the authenticated middleware runs, causing it to think the user is not logged in. Fix by awaiting the session composable.
2025-03-09 15:51:00 +01:00
export default defineNuxtRouteMiddleware(async (to, from) => {
Fetch session in authenticated middleware The authenticated middleware runs before the page content is rendered. This means that it'll run before the session is fetched in app.vue on pages that are protected by it on the first load. Fetch the session in the middleware so that it doesn't act before the session is initalized.
2025-05-26 13:55:01 +02:00
const event = useRequestEvent();
const sessionStore = useSessionStore();
await callOnce("fetch-session", async () => {
await sessionStore.fetch(event);
})
Move push notification setting to separate page Set up a dedicated Account Setttings page to hold account specific settings such as the push notifications.
2025-03-07 18:43:24 +01:00
Fetch session in authenticated middleware The authenticated middleware runs before the page content is rendered. This means that it'll run before the session is fetched in app.vue on pages that are protected by it on the first load. Fetch the session in the middleware so that it doesn't act before the session is initalized.
2025-05-26 13:55:01 +02:00
const accountStore = useAccountStore();
Use a pinia store to manage account state Refactor the existing scattered code dealing with the account state into a pinia store.
2025-05-24 20:01:23 +02:00
if (!accountStore.valid) {
Move push notification setting to separate page Set up a dedicated Account Setttings page to hold account specific settings such as the push notifications.
2025-03-07 18:43:24 +01:00
console.log("Not logged in, redirecting to /login");
return navigateTo("/login");
}
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page.
2025-03-09 22:21:13 +01:00
if (
to.meta.allowedAccountTypes
Use a pinia store to manage account state Refactor the existing scattered code dealing with the account state into a pinia store.
2025-05-24 20:01:23 +02:00
&& !to.meta.allowedAccountTypes.includes(accountStore.type!)
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page.
2025-03-09 22:21:13 +01:00
) {
throw createError({
status: 403,
statusMessage: "Forbidden",
message: "You are not allowed to access this resource.",
})
}
Move push notification setting to separate page Set up a dedicated Account Setttings page to hold account specific settings such as the push notifications.
2025-03-07 18:43:24 +01:00
})
Reference in a new issue Copy permalink