Security guard

This commit is contained in:
LittleSheep 2024-01-29 18:33:11 +08:00
parent 2c3d4f86c8
commit 930607f0f2
2 changed files with 36 additions and 11 deletions

View File

@ -1,25 +1,36 @@
import Navbar from "./shared/Navbar.tsx"; import Navbar from "./shared/Navbar.tsx";
import { readProfiles } from "../stores/userinfo.tsx"; import { readProfiles, useUserinfo } from "../stores/userinfo.tsx";
import { createSignal, Show } from "solid-js"; import { createEffect, createSignal, Show } from "solid-js";
import { readWellKnown } from "../stores/wellKnown.tsx"; import { readWellKnown } from "../stores/wellKnown.tsx";
import { BeforeLeaveEventArgs, useBeforeLeave, useNavigate } from "@solidjs/router"; import { BeforeLeaveEventArgs, useBeforeLeave, useLocation, useNavigate } from "@solidjs/router";
export default function RootLayout(props: any) { export default function RootLayout(props: any) {
const [ready, setReady] = createSignal(false); const [ready, setReady] = createSignal(false);
Promise.all([readWellKnown(), readProfiles()]).then(() => setReady(true)); Promise.all([readWellKnown(), readProfiles()]).then(() => setReady(true));
const navigate = useNavigate() const navigate = useNavigate();
const userinfo = useUserinfo();
useBeforeLeave((e: BeforeLeaveEventArgs) => { const location = useLocation();
const whitelist = ["/auth/login", "/auth/register", "/users/me/confirm"]
if (!whitelist.includes(e.to.toString()) && !e.defaultPrevented) { createEffect(() => {
e.preventDefault(); if (ready()) {
navigate(`/auth/login?redirect_uri=${e.to.toString()}`) keepGate(location.pathname);
} }
}); });
function keepGate(path: string, e?: BeforeLeaveEventArgs) {
const whitelist = ["/auth/login", "/auth/register", "/users/me/confirm"];
if (!userinfo?.isLoggedIn && !whitelist.includes(path)) {
if (!e?.defaultPrevented) e?.preventDefault();
navigate(`/auth/login?redirect_uri=${path}`);
}
}
useBeforeLeave((e: BeforeLeaveEventArgs) => keepGate(e.to.toString().split("?")[0], e));
return ( return (
<Show when={ready()} fallback={ <Show when={ready()} fallback={
<div class="h-screen w-screen flex justify-center items-center"> <div class="h-screen w-screen flex justify-center items-center">

View File

@ -15,7 +15,7 @@ export default function LoginPage() {
const [challenge, setChallenge] = createSignal<any>(); const [challenge, setChallenge] = createSignal<any>();
const [stage, setStage] = createSignal("starting"); const [stage, setStage] = createSignal("starting");
const[searchParams] = useSearchParams() const [searchParams] = useSearchParams();
const navigate = useNavigate(); const navigate = useNavigate();
@ -212,8 +212,22 @@ export default function LoginPage() {
</div> </div>
</div> </div>
<Show when={searchParams["redirect_uri"]}>
<div id="redirect-info" class="mt-3">
<div role="alert" class="alert shadow-xl">
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24"
class="stroke-info shrink-0 w-6 h-6">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2"
d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z"></path>
</svg>
<span>You need to login before access that.</span>
</div>
</div>
</Show>
<div class="text-sm text-center mt-3"> <div class="text-sm text-center mt-3">
<a target="_blank" href="/auth/register?closable=yes" class="link">Haven't an account? Click here to create one!</a> <a target="_blank" href="/auth/register?closable=yes" class="link">Haven't an account? Click here to create
one!</a>
</div> </div>
</div> </div>
</div> </div>