Merge pull request #210 from msisaifu/follow-up-route-guards
Follow up route guards
gagansuie authored Jan 25, 2023
2 parents 742e7f7 + 7b337ef commit a1e4ba4
Showing 6 changed files with 300 additions and 225 deletions.
163 changes: 93 additions & 70 deletions src/hooks.server.ts
@@ -1,88 +1,111 @@
import { redirect } from '@sveltejs/kit'
import { getUserDetails } from '$lib/stores/authStore'
import { get } from 'svelte/store'
import { getUserDetails, userRole, currentUser } from '$lib/stores/authStore'
import { getUserRole, getRoles } from '$lib/stores/adminStore'
import { Authenticate } from '$lib/authentication/authentication'
import type { Handle, HandleFetch } from '@sveltejs/kit'
import { env } from '$env/dynamic/public'

export const handle: Handle = async ({ event, resolve }) => {
const pathname = event.url.pathname
const userId = event.url.searchParams.get('userId') || event.cookies.get('userId') || ''
let token = event.url.searchParams.get('token') || event.cookies.get('token') || ''
let user

if (event.locals && event.locals.user) {
user = event.locals.user.user
}

if (token && userId) {
if (!user) {
const response = await getUserDetails(token, userId)
if (response) {
if (response.freshJwt) {
token = response.freshJwt
}
user = response
user.isAdmin = true
}
}

if (pathname === '/') {
event.cookies.set('token', token, {
path: '/',
maxAge: 60 * 60 * 24 * 30
})
event.cookies.set('userId', userId, {
path: '/',
maxAge: 60 * 60 * 24 * 30
})
}

event.locals.user = {
userId,
token,
user
}
}

let user_role = 'user'

if (user && user.isAdmin) {
user_role = 'admin'
}

if (Authenticate({ pathname, user_role }) || pathname === '/browse' || pathname === '/') {
return await resolve(event)
}
throw redirect(302, '/browse')
const pathname = event.url.pathname
const userId = event.url.searchParams.get('userId') || event.cookies.get('userId') || ''
let token = event.url.searchParams.get('token') || event.cookies.get('token') || ''
let user = get(currentUser),
role = get(userRole)

if (token && userId) {
if (!user) {
const response = await getUserDetails(token, userId)
if (response) {
if (response.freshJwt) {
token = response.freshJwt
}
user = response
currentUser.set(user)
}
}

if (!role) {
try {
const headers = {
userId: userId
}
if (env.PUBLIC_CROSS_ORIGIN === 'false') {
headers['authorization'] = token
} else {
headers['x-api-key'] = env.PUBLIC_API_KEY
}

const all_roles = await getRoles(true, headers)
if (Array.isArray(all_roles)) {
const get_role = await getUserRole(true, headers)
if (get_role && get_role.role) {
role = all_roles.find((item) => {
return item._id == get_role.role
})?.name

userRole.set(role)
}
}
} catch (e) {
console.log('something wrong', e)
}
}

if (pathname === '/') {
event.cookies.set('token', token, {
path: '/',
maxAge: 60 * 60 * 24 * 30
})
event.cookies.set('userId', userId, {
path: '/',
maxAge: 60 * 60 * 24 * 30
})
}

event.locals.user = {
userId,
token,
user
}
}

if (
Authenticate({ pathname, user_role: role || 'user' }) ||
pathname === '/browse' ||
pathname === '/'
) {
return await resolve(event)
}
throw redirect(302, '/browse')
}

export function handleError({ error }: { error: any }) {
console.log('error', error)
return {
message: 'Whoops something wrong!'
}
console.log('error', error)
return {
message: 'Whoops something wrong!'
}
}

//TODO: fix global handleFetch
// export const handleFetch: HandleFetch = async ({ request, fetch }) => {
// let headers: any = {}
// if (request.url.startsWith(env.PUBLIC_API_URL)) {
// if (env.PUBLIC_CROSS_ORIGIN === 'false') {
// headers = {
// authorization: request.locals.user.token,
// userId: request.locals.user.userId,
// }
// } else {
// headers = {
// 'x-api-key': env.PUBLIC_API_KEY,
// userId: request.locals.user.userId,
// }
// }
// }
// return fetch(request, headers)
// let headers: any = {}
// if (request.url.startsWith(env.PUBLIC_API_URL)) {
// if (env.PUBLIC_CROSS_ORIGIN === 'false') {
// headers = {
// authorization: request.locals.user.token,
// userId: request.locals.user.userId
// }
// } else {
// headers = {
// 'x-api-key': env.PUBLIC_API_KEY,
// userId: request.locals.user.userId
// }
// }
// }
// return fetch(request, headers)
// }


// const isAdminPage = /^\/admin\/(.*)/.test(route.id)
// const isProfilePage = /^\/profile\/(.*)/.test(route.id)
// const isPremiumPage = /^\/premium\/(.*)/.test(route.id)
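Review bot: `get(currentUser)` / `get(userRole)` and the matching `currentUser.set(user)` / `userRole.set(role)` calls make the server hook read and write process-wide state: if these are module-level Svelte stores (which the `$lib/stores/authStore` import suggests), the identity and role stored by the first request that authenticates are reused by every later request in the same server process, because the `if (!user)` and `if (!role)` guards then skip the per-request lookups and the cached object is assigned to `event.locals.user` and passed to `Authenticate` for a different client. The old code kept `user` as a plain local; the new code should do the same for both values, e.g. `let user` and `let role` instead of the two `get(...)` reads, and drop the two store writes, so that role resolution is derived from the `userId`/`token` of the current request only. The `headers` object literal is widened by the later `headers['authorization']`/`headers['x-api-key']` assignments, which only compiles loosely; declaring it as `const headers: Record<string, string> = { userId }` makes the intent explicit. The `catch` that logs `'something wrong'` leaves `role` undefined so the request falls back to `'user'`, which is the fail-closed outcome, but a comment such as `// role lookup failure degrades to the least-privileged 'user' role` would make that deliberate. The hunk ends before the rest of the file; the commented-out `handleFetch` block that follows is untouched.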
72 changes: 36 additions & 36 deletions src/lib/authentication/routes.ts
@@ -1,41 +1,41 @@
const user_contexts = ['user', 'admin']
const admin_contexts = ['admin']
const USER_COTEXT = 'user'
const ADMIN_COTEXT = 'admin'

const routes: any = {
admin: [
{ path: '/admins', access: admin_contexts },
{ path: '/channels', access: admin_contexts },
{ path: '/fun-facts', access: admin_contexts },
{ path: '/fun-facts', access: admin_contexts },
{ path: '/legal', access: admin_contexts },
{ path: '/settings', access: admin_contexts },
{ path: '/users', access: admin_contexts }
],
browse: [
{ path: '/', access: user_contexts },
{ path: '/(.*)/$', access: user_contexts }
],
channel: [
{ path: '/', access: user_contexts },
{ path: '/(.*)/$', access: user_contexts }
],
profile: [
{ path: '/', access: admin_contexts },
{ path: '/(.*)/$', access: admin_contexts }
],
search: [
{ path: '/', access: user_contexts },
{ path: '/(.*)/', access: user_contexts }
],
maintenance: [{ path: '/', access: user_contexts }],
settings: [{ path: '/', access: user_contexts }],
premium: [{ path: '/', access: admin_contexts }],
careers: [{ path: '/', access: user_contexts }],
contact: [{ path: '/', access: user_contexts }],
videos: [{ path: '/', access: user_contexts }],
legal: [{ path: '/', access: user_contexts }],
logout: [{ path: '/', access: admin_contexts }],
'creator-space': [{ path: '/', access: user_contexts }]
admin: [
{ path: '/admins', access: [ADMIN_COTEXT] },
{ path: '/channels', access: [ADMIN_COTEXT] },
{ path: '/fun-facts', access: [ADMIN_COTEXT] },
{ path: '/fun-facts', access: [ADMIN_COTEXT] },
{ path: '/legal', access: [ADMIN_COTEXT] },
{ path: '/settings', access: [ADMIN_COTEXT] },
{ path: '/users', access: [ADMIN_COTEXT] }
],
browse: [
{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] },
{ path: '/(.*)/$', access: [USER_COTEXT, ADMIN_COTEXT] }
],
channel: [
{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] },
{ path: '/(.*)/$', access: [USER_COTEXT, ADMIN_COTEXT] }
],
profile: [
{ path: '/', access: [ADMIN_COTEXT] },
{ path: '/(.*)/$', access: [ADMIN_COTEXT] }
],
search: [
{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] },
{ path: '/(.*)/', access: [USER_COTEXT, ADMIN_COTEXT] }
],
maintenance: [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }],
settings: [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }],
premium: [{ path: '/', access: [ADMIN_COTEXT] }],
careers: [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }],
contact: [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }],
videos: [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }],
legal: [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }],
logout: [{ path: '/', access: [ADMIN_COTEXT] }],
'creator-space': [{ path: '/', access: [USER_COTEXT, ADMIN_COTEXT] }]
}

export default routes