I firmly believe in free software.
The application I'm making here have capabilities that I've not seen in
any system. It presents itself as an opportunity to collaborate on a
tool that serves the people rather than corporations. Whose incentives
are to help people rather, not make the most money. And whose terms
ensure that these freedoms and incentives cannot be taken back or
subverted.
I license this software under the AGPL.
The authenticated middleware runs before the page content is rendered.
This means that it'll run before the session is fetched in app.vue on
pages that are protected by it on the first load. Fetch the session in
the middleware so that it doesn't act before the session is initalized.
Replace the convoluted useAccountSession composable with a pinia store
that in addition allows for the consolidation of all session related
functions to grouped into one module.
Add allowedAccountTypes page metadata which the authenticated middleware
uses to further restrict the types of accounts that can access the page.
If the account type is insufficent to access the page it will return an
HTTP 403 Forbidden status, which is rendered using the error page.
When rendering on the server the session is not eagerly loaded when the
authenticated middleware runs, causing it to think the user is not
logged in. Fix by awaiting the session composable.
