From 6b9137ed745cb615b6b5b1fc6c2f18486f96510f Mon Sep 17 00:00:00 2001 From: Saiful Date: Fri, 20 Jan 2023 07:22:21 +0600 Subject: [PATCH 1/6] fix logout and handle error for debugging --- src/hooks.server.ts | 73 +++++++++++++++++++++------------------ src/routes/+layout.svelte | 8 ++++- 2 files changed, 47 insertions(+), 34 deletions(-) diff --git a/src/hooks.server.ts b/src/hooks.server.ts index 6c34fa09..69fa2638 100644 --- a/src/hooks.server.ts +++ b/src/hooks.server.ts 
@@ -2,39 +2,46 @@ import { getUserDetails } from '$lib/stores/authStore' import type { Handle } from '@sveltejs/kit' export const handle: Handle = async ({ event, resolve }) => { - const userId = event.url.searchParams.get('userId') || event.cookies.get('userId') || '' - let token = event.url.searchParams.get('token') || event.cookies.get('token') || '' - let user - - if (event.locals && event.locals.user) { - user = event.locals.user.user - } - - if (!token || !userId) { - return await resolve(event) - } - - if (token && userId) { - if (!user) { - const response = await getUserDetails(token, userId) - if (response) { - if (response.freshJwt) { - token = response.freshJwt - } - user = response - } - } - - event.cookies.set('token', token) - event.cookies.set('userId', userId) - event.locals.user = { - userId, - token, - user - } - } - - return await resolve(event) + const userId = event.url.searchParams.get('userId') || event.cookies.get('userId') || '' + let token = event.url.searchParams.get('token') || event.cookies.get('token') || '' + let user + + if (event.locals && event.locals.user) { + user = event.locals.user.user + } + + if (!token || !userId) { + return await resolve(event) + } + + if (token && userId) { + if (!user) { + const response = await getUserDetails(token, userId) + if (response) { + if (response.freshJwt) { + token = response.freshJwt + } + user = response + } + } + + event.cookies.set('token', token) + event.cookies.set('userId', userId) + event.locals.user = { + userId, + token, + user + } + } + + return await resolve(event) +} + +export function handleError({ error, event }) { + console.log('error', error) + return { + message: 'Whoops something wrong!' + } } // const isAdminPage = /^\/admin\/(.*)/.test(route.id) diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte index c4a4999d..5f8b05d2 100644 --- a/src/routes/+layout.svelte +++ b/src/routes/+layout.svelte 
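Review bot: `handle` still takes `token` and `userId` from `event.url.searchParams` and writes them to cookies, and the two `event.cookies.set` calls sit outside the `if (response)` branch, so a value that `getUserDetails` did not confirm is persisted as the session anyway. Credentials carried in a query string also end up in access logs, browser history and Referer headers. I would set the cookies only after a successful lookup and pass explicit options, e.g. `event.cookies.set('token', token, { path: '/', httpOnly: true, secure: true, sameSite: 'lax' })`. The new `handleError` is untyped and never uses `event`; declaring it as `export const handleError: HandleServerError = ({ error }) => { ... }` would let the compiler check its shape.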
@@ -2,6 +2,7 @@ import '$lib/assets/styles/tailwind-output.css' // @ts-ignore import NProgress from 'nprogress' + import { goto } from '$app/navigation' import { browser } from '$app/environment' import { navigating } from '$app/stores' import { currentUser } from '$lib/stores/authStore' @@ -60,6 +61,11 @@ } } } + + function logout() { + $currentUser = null + goto('/logout') + } @@ -202,7 +208,7 @@ {#if $currentUser}
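Review bot: `logout()` signs the user out by navigating to `/logout`, which is a GET page load, and it clears `$currentUser` before that navigation has run. A state-changing GET route can be triggered by any link or prefetch. If the navigation fails, the UI also shows a signed-out state while the `token` and `userId` cookies are still set. A POST form action for logout, with the store cleared once it succeeds, avoids both problems: `<form method="POST" action="/logout">`.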
  • -
  • From 73699a59cb73d7696b4b1f33f059df1106e8dd9b Mon Sep 17 00:00:00 2001 From: Saiful Date: Fri, 20 Jan 2023 09:54:59 +0600 Subject: [PATCH 2/6] wip route-guards --- src/hooks.server.ts | 16 ++++++++++------ src/lib/authentication/authentication.ts | 17 +++++++++++++++++ src/lib/authentication/routes.ts | 17 +++++++++++++++++ src/routes/admin/admins/+page.server.ts | 10 ++++++++++ src/routes/admin/channels/+page.server.ts | 10 ++++++++++ src/routes/admin/fun-facts/+page.server.ts | 10 ++++++++++ src/routes/admin/legal/+page.server.ts | 10 ++++++++++ src/routes/admin/settings/+page.server.ts | 10 ++++++++++ src/routes/admin/users/+page.server.ts | 10 ++++++++++ 9 files changed, 104 insertions(+), 6 deletions(-) create mode 100644 src/lib/authentication/authentication.ts create mode 100644 src/lib/authentication/routes.ts create mode 100644 src/routes/admin/admins/+page.server.ts create mode 100644 src/routes/admin/channels/+page.server.ts create mode 100644 src/routes/admin/fun-facts/+page.server.ts create mode 100644 src/routes/admin/legal/+page.server.ts create mode 100644 src/routes/admin/settings/+page.server.ts create mode 100644 src/routes/admin/users/+page.server.ts diff --git a/src/hooks.server.ts b/src/hooks.server.ts index 69fa2638..f6d96975 100644 --- a/src/hooks.server.ts +++ b/src/hooks.server.ts 
@@ -1,19 +1,18 @@ +import { redirect } from '@sveltejs/kit' import { getUserDetails } from '$lib/stores/authStore' +import { Authenticate } from '$lib/authentication/authentication' import type { Handle } from '@sveltejs/kit' export const handle: Handle = async ({ event, resolve }) => { const userId = event.url.searchParams.get('userId') || event.cookies.get('userId') || '' let token = event.url.searchParams.get('token') || event.cookies.get('token') || '' + let pathname = event.url.pathname let user if (event.locals && event.locals.user) { user = event.locals.user.user } - if (!token || !userId) { - return await resolve(event) - } - if (token && userId) { if (!user) { const response = await getUserDetails(token, userId) @@ -34,10 +33,15 @@ export const handle: Handle = async ({ event, resolve }) => { } } - return await resolve(event) + const user_role = (user && user.isAdmin && 'admin') || '*' + + if (Authenticate(pathname, user_role) || pathname === '/browse') { + return await resolve(event) + } + throw redirect(302, '/browse') } -export function handleError({ error, event }) { +export function handleError({ error }) { console.log('error', error) return { message: 'Whoops something wrong!' diff --git a/src/lib/authentication/authentication.ts b/src/lib/authentication/authentication.ts new file mode 100644 index 00000000..9ab2bb9b --- /dev/null +++ b/src/lib/authentication/authentication.ts @@ -0,0 +1,17 @@ +import routes from './routes' + +function Authenticate(pathname, user_role) { + for (const section in routes) { + for (const sub_section in routes[section]) { + const route = routes[section][sub_section] + const route_access = route['access'] + const pattern = new RegExp(`^/${section}${route.path}`, 'i') + if (pattern.test(pathname + '/') && route_access.includes(user_role)) { + return true + } + } + } + return false +} + +export { Authenticate } 
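Review bot: `Authenticate` compares `'*'` as an ordinary role name, so a user whose role is `'admin'` fails `route_access.includes(user_role)` on every route whose access is `['*']` and is redirected away from `/browse/...`; presumably `'*'` was meant as "anyone". The pattern `^/${section}${route.path}` has no end anchor, so the `/users` entry also matches `/admin/usersanything`, and `route.path` is interpolated as regular-expression source without any note saying so. I would treat `'*'` as a wildcard, require a path boundary after the configured prefix, and type the parameters. This tightens single-`/` entries to the section root only, so check that against the intended routes. The function decides authorisation rather than authentication, so a name such as `isAuthorized` would describe it better.

```typescript
function Authenticate(pathname: string, user_role: string): boolean {
	// normalise so '/browse' and '/browse/' are tested the same way
	const target = pathname.endsWith('/') ? pathname : pathname + '/'
	for (const [section, entries] of Object.entries(routes)) {
		for (const route of entries) {
			// '*' means "any role", not a role called '*'
			const allowed = route.access.includes('*') || route.access.includes(user_role)
			// route.path is a regex fragment; require a path boundary after it
			const pattern = new RegExp(`^/${section}${route.path}(?:/|$)`, 'i')
			if (allowed && pattern.test(target)) {
				return true
			}
		}
	}
	return false
}
```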
diff --git a/src/lib/authentication/routes.ts b/src/lib/authentication/routes.ts
new file mode 100644
index 00000000..9c47d93f
--- /dev/null
+++ b/src/lib/authentication/routes.ts
@@ -0,0 +1,17 @@
+const routes = {
+ admin: [
+ { path: '/admins', access: ['admin'] },
+ { path: '/channels', access: ['admin'] },
+ { path: '/fun-facts', access: ['admin'] },
+ { path: '/fun-facts', access: ['admin'] },
+ { path: '/legal', access: ['admin'] },
+ { path: '/settings', access: ['admin'] },
+ { path: '/users', access: ['admin'] }
+ ],
+ browse: [
+ { path: '/', access: ['*'] },
+ { path: '/(.*)/$', access: ['*'] }
+ ]
+}
+
+export default routes
diff --git a/src/routes/admin/admins/+page.server.ts b/src/routes/admin/admins/+page.server.ts
new file mode 100644
index 00000000..4bc599ce
--- /dev/null
+++ b/src/routes/admin/admins/+page.server.ts
@@ -0,0 +1,10 @@
+import { error } from '@sveltejs/kit'
+import type { PageServerLoad } from './$types'
+
+export const load = (async ({ params }) => {
+ // const post = null
+ // if (post) {
+ // return post
+ // }
+ // throw error(404, 'Not found')
+}) satisfies PageServerLoad
diff --git a/src/routes/admin/channels/+page.server.ts b/src/routes/admin/channels/+page.server.ts
new file mode 100644
index 00000000..4bc599ce
--- /dev/null
+++ b/src/routes/admin/channels/+page.server.ts
@@ -0,0 +1,10 @@
+import { error } from '@sveltejs/kit'
+import type { PageServerLoad } from './$types'
+
+export const load = (async ({ params }) => {
+ // const post = null
+ // if (post) {
+ // return post
+ // }
+ // throw error(404, 'Not found')
+}) satisfies PageServerLoad
diff --git a/src/routes/admin/fun-facts/+page.server.ts b/src/routes/admin/fun-facts/+page.server.ts
new file mode 100644
index 00000000..4bc599ce
--- /dev/null
+++ b/src/routes/admin/fun-facts/+page.server.ts
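Review bot: The new `admin/admins/+page.server.ts` has no access check of its own: the `load` body is entirely commented out, so the page is protected only by the pattern table consulted in `hooks.server.ts`. A check in the load function, for example `if (!locals.user?.user?.isAdmin) throw error(403, 'Forbidden')`, would keep the page closed if the table and the route tree drift apart, and it would use the `error` import that is currently unused (`params` is unused too). The same applies to the identical stubs added for `channels`, `fun-facts`, `legal`, `settings` and `users`.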
@@ -0,0 +1,10 @@
+import { error } from '@sveltejs/kit'
+import type { PageServerLoad } from './$types'
+
+export const load = (async ({ params }) => {
+ // const post = null
+ // if (post) {
+ // return post
+ // }
+ // throw error(404, 'Not found')
+}) satisfies PageServerLoad
diff --git a/src/routes/admin/legal/+page.server.ts b/src/routes/admin/legal/+page.server.ts
new file mode 100644
index 00000000..4bc599ce
--- /dev/null
+++ b/src/routes/admin/legal/+page.server.ts
@@ -0,0 +1,10 @@
+import { error } from '@sveltejs/kit'
+import type { PageServerLoad } from './$types'
+
+export const load = (async ({ params }) => {
+ // const post = null
+ // if (post) {
+ // return post
+ // }
+ // throw error(404, 'Not found')
+}) satisfies PageServerLoad
diff --git a/src/routes/admin/settings/+page.server.ts b/src/routes/admin/settings/+page.server.ts
new file mode 100644
index 00000000..4bc599ce
--- /dev/null
+++ b/src/routes/admin/settings/+page.server.ts
@@ -0,0 +1,10 @@
+import { error } from '@sveltejs/kit'
+import type { PageServerLoad } from './$types'
+
+export const load = (async ({ params }) => {
+ // const post = null
+ // if (post) {
+ // return post
+ // }
+ // throw error(404, 'Not found')
+}) satisfies PageServerLoad
diff --git a/src/routes/admin/users/+page.server.ts b/src/routes/admin/users/+page.server.ts
new file mode 100644
index 00000000..4bc599ce
--- /dev/null
+++ b/src/routes/admin/users/+page.server.ts
@@ -0,0 +1,10 @@
+import { error } from '@sveltejs/kit'
+import type { PageServerLoad } from './$types'
+
+export const load = (async ({ params }) => {
+ // const post = null
+ // if (post) {
+ // return post
+ // }
+ // throw error(404, 'Not found')
+}) satisfies PageServerLoad
From 6a19d01995fc1f5dc40d2df3ed334cc1cd261684 Mon Sep 17 00:00:00 2001
From: Saiful Date: Fri, 20 Jan 2023 10:03:40 +0600 Subject: [PATCH 3/6] enable ssr --- src/routes/careers/+page.server.ts | 0 src/routes/contact/+page.server.ts | 0 src/routes/maintenance/+page.server.ts | 0 3 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 src/routes/careers/+page.server.ts create mode 100644 src/routes/contact/+page.server.ts create mode 100644 src/routes/maintenance/+page.server.ts diff --git a/src/routes/careers/+page.server.ts b/src/routes/careers/+page.server.ts new file mode 100644 index 00000000..e69de29b diff --git a/src/routes/contact/+page.server.ts b/src/routes/contact/+page.server.ts new file mode 100644 index 00000000..e69de29b diff --git a/src/routes/maintenance/+page.server.ts b/src/routes/maintenance/+page.server.ts new file mode 100644 index 00000000..e69de29b From 23ea45ee4897ee203335d28bb0260df7aa5a71bb Mon Sep 17 00:00:00 2001 From: Saiful Date: Fri, 20 Jan 2023 10:37:18 +0600 Subject: [PATCH 4/6] fixed user guards --- src/hooks.server.ts | 5 ++-- src/lib/authentication/routes.ts | 43 +++++++++++++++++++++++------- src/routes/careers/+page.server.ts | 10 +++++++ 3 files changed, 46 insertions(+), 12 deletions(-) diff --git a/src/hooks.server.ts b/src/hooks.server.ts index f6d96975..adc22173 100644 --- a/src/hooks.server.ts +++ b/src/hooks.server.ts @@ -4,9 +4,9 @@ import { Authenticate } from '$lib/authentication/authentication' import type { Handle } from '@sveltejs/kit' export const handle: Handle = async ({ event, resolve }) => { + const pathname = event.url.pathname const userId = event.url.searchParams.get('userId') || event.cookies.get('userId') || '' let token = event.url.searchParams.get('token') || event.cookies.get('token') || '' - let pathname = event.url.pathname let user if (event.locals && event.locals.user) { @@ -21,6 +21,7 @@ export const handle: Handle = async ({ event, resolve }) => { token = response.freshJwt } user = response + user.isAdmin = true } } 
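Review bot: `user.isAdmin = true` is assigned unconditionally right after `getUserDetails` returns, so every account that resolves with a valid token is given the `'admin'` role and passes the guard for all `/admin/...` routes. It looks like a debugging leftover; the line should be removed so that `isAdmin` comes only from the backend response. If it was added because signed-in non-admin users were being bounced from pages such as `/profile`, the fix belongs in the routes table as a separate signed-in role, not in promoting everyone. The enclosing `handle` function starts and ends outside this hunk.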
@@ -35,7 +36,7 @@ export const handle: Handle = async ({ event, resolve }) => { const user_role = (user && user.isAdmin && 'admin') || '*' - if (Authenticate(pathname, user_role) || pathname === '/browse') { + if (Authenticate(pathname, user_role) || pathname === '/browse' || pathname === '/') { return await resolve(event) } throw redirect(302, '/browse') diff --git a/src/lib/authentication/routes.ts b/src/lib/authentication/routes.ts index 9c47d93f..2ad9e7a4 100644 --- a/src/lib/authentication/routes.ts +++ b/src/lib/authentication/routes.ts 
@@ -1,17 +1,40 @@ +const user_contexts = ['*'] +const admin_contexts = ['admin'] + const routes = { admin: [ - { path: '/admins', access: ['admin'] }, - { path: '/channels', access: ['admin'] }, - { path: '/fun-facts', access: ['admin'] }, - { path: '/fun-facts', access: ['admin'] }, - { path: '/legal', access: ['admin'] }, - { path: '/settings', access: ['admin'] }, - { path: '/users', access: ['admin'] } + { path: '/admins', access: admin_contexts }, + { path: '/channels', access: admin_contexts }, + { path: '/fun-facts', access: admin_contexts }, + { path: '/fun-facts', access: admin_contexts }, + { path: '/legal', access: admin_contexts }, + { path: '/settings', access: admin_contexts }, + { path: '/users', access: admin_contexts } ], browse: [ - { path: '/', access: ['*'] }, - { path: '/(.*)/$', access: ['*'] } - ] + { path: '/', access: user_contexts }, + { path: '/(.*)/$', access: user_contexts } + ], + channel: [ + { path: '/', access: user_contexts }, + { path: '/(.*)/$', access: user_contexts } + ], + profile: [ + { path: '/', access: admin_contexts }, + { path: '/(.*)/$', access: admin_contexts } + ], + search: [ + { path: '/', access: user_contexts }, + { path: '/(.*)/', access: user_contexts } + ], + maintenance: [{ path: '/', access: user_contexts }], + settings: [{ path: '/', access: user_contexts }], + premium: [{ path: '/', access: admin_contexts }], + careers: [{ path: '/', access: user_contexts }], + contact: [{ path: '/', access: user_contexts }], + videos: [{ path: '/', access: user_contexts }], + legal: [{ path: '/', access: user_contexts }], + 'creator-space': [{ path: '/', access: user_contexts }] } export default routes diff --git a/src/routes/careers/+page.server.ts b/src/routes/careers/+page.server.ts index e69de29b..4bc599ce 100644 --- a/src/routes/careers/+page.server.ts +++ b/src/routes/careers/+page.server.ts 
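Review bot: The table has only two contexts, `'*'` and `'admin'`, so it cannot express "any signed-in user". `profile` and `premium` are marked `admin_contexts`, which would lock ordinary accounts out of them once `isAdmin` reflects the real value. A third list such as `const member_contexts = ['user', 'admin']`, with the hook emitting `'user'` for a non-admin session, would cover that case. Smaller points: `/fun-facts` is still listed twice under `admin`, and the `search` pattern `'/(.*)/'` lacks the trailing `$` that the `browse`, `channel` and `profile` patterns have. I would also add a comment above `routes` stating that each `path` is a regular-expression fragment appended to `^/<section>`.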
@@ -0,0 +1,10 @@ +import { error } from '@sveltejs/kit' +import type { PageServerLoad } from './$types' + +export const load = (async ({ params }) => { + // const post = null + // if (post) { + // return post + // } + // throw error(404, 'Not found') +}) satisfies PageServerLoad From 11068949c4fbfd9fc671c7bc5d2b448cc98ce054 Mon Sep 17 00:00:00 2001 From: Saiful Date: Fri, 20 Jan 2023 10:51:41 +0600 Subject: [PATCH 5/6] fix the logouts --- src/lib/authentication/routes.ts | 1 + src/routes/+layout.svelte | 4 +++- src/routes/logout/+page.server.ts | 1 - 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/lib/authentication/routes.ts b/src/lib/authentication/routes.ts index 2ad9e7a4..62fa8fc1 100644 --- a/src/lib/authentication/routes.ts +++ b/src/lib/authentication/routes.ts @@ -34,6 +34,7 @@ const routes = { contact: [{ path: '/', access: user_contexts }], videos: [{ path: '/', access: user_contexts }], legal: [{ path: '/', access: user_contexts }], + logout: [{ path: '/', access: admin_contexts }], 'creator-space': [{ path: '/', access: user_contexts }] } diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte index 5f8b05d2..e7714f62 100644 --- a/src/routes/+layout.svelte +++ b/src/routes/+layout.svelte @@ -63,7 +63,9 @@ } function logout() { - $currentUser = null + setTimeout(() => { + $currentUser = null + }, 500) goto('/logout') } diff --git a/src/routes/logout/+page.server.ts b/src/routes/logout/+page.server.ts index 922ef231..d6af8f8f 100644 --- a/src/routes/logout/+page.server.ts +++ b/src/routes/logout/+page.server.ts @@ -4,7 +4,6 @@ import type { PageServerLoad } from './$types' export const load: PageServerLoad = async ({ cookies }) => { // eat the cookie const cookieItem = ['token', 'userId'] - cookieItem.forEach((item) => { cookies.set(item, '', { path: '/', From ff4ddd43142687ae2286e8a36a8d4cea79b0b536 Mon Sep 17 00:00:00 2001 
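Review bot: `logout` is gated with `admin_contexts`, so a session whose role is `'*'` is redirected to `/browse` by the hook and never reaches the load function that clears the `token` and `userId` cookies. It appears to work at the moment only because `hooks.server.ts` marks every resolved user as admin. Logging out should be reachable by anyone who can hold a session, and since `Authenticate` compares role names literally the entry needs both lists: `logout: [{ path: '/', access: [...user_contexts, ...admin_contexts] }],`. The `routes` object starts outside this hunk.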
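Review bot: The 500 ms `setTimeout` in `logout()` clears `$currentUser` at a moment unrelated to whether the `/logout` navigation has finished. On a slow connection the store is emptied while the session cookies are still valid. If the navigation fails, the UI still flips to signed-out half a second later. `goto` returns a promise, so the store can be cleared when navigation settles: `goto('/logout').then(() => { $currentUser = null })`.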
From: Saiful Date: Fri, 20 Jan 2023 10:59:20 +0600 Subject: [PATCH 6/6] fixed --- src/routes/+layout.svelte | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte index e7714f62..8c8cc674 100644 --- a/src/routes/+layout.svelte +++ b/src/routes/+layout.svelte @@ -176,12 +176,14 @@ Mint New -
  • - - - Premium New - -
  • + {#if $currentUser} +
  • + + + Premium New + +
  • + {/if}