✨ Security guard

2024-01-29 18:33:11 +08:00 · 2024-01-29 18:33:11 +08:00 · 930607f0f2
commit 930607f0f2
parent 2c3d4f86c8
2 changed files with 36 additions and 11 deletions
--- a/view/src/layouts/RootLayout.tsx
+++ b/view/src/layouts/RootLayout.tsx
@ -1,25 +1,36 @@
 import Navbar from "./shared/Navbar.tsx";
-import { readProfiles } from "../stores/userinfo.tsx";
-import { createSignal, Show } from "solid-js";
+import { readProfiles, useUserinfo } from "../stores/userinfo.tsx";
+import { createEffect, createSignal, Show } from "solid-js";
 import { readWellKnown } from "../stores/wellKnown.tsx";
-import { BeforeLeaveEventArgs, useBeforeLeave, useNavigate } from "@solidjs/router";
+import { BeforeLeaveEventArgs, useBeforeLeave, useLocation, useNavigate } from "@solidjs/router";

 export default function RootLayout(props: any) {
  const [ready, setReady] = createSignal(false);

  Promise.all([readWellKnown(), readProfiles()]).then(() => setReady(true));

-  const navigate = useNavigate()
+  const navigate = useNavigate();
+  const userinfo = useUserinfo();

-  useBeforeLeave((e: BeforeLeaveEventArgs) => {
-    const whitelist = ["/auth/login", "/auth/register", "/users/me/confirm"]
+  const location = useLocation();

-    if (!whitelist.includes(e.to.toString()) && !e.defaultPrevented) {
-      e.preventDefault();
-      navigate(`/auth/login?redirect_uri=${e.to.toString()}`)
+  createEffect(() => {
+    if (ready()) {
+      keepGate(location.pathname);
    }
  });

+  function keepGate(path: string, e?: BeforeLeaveEventArgs) {
+    const whitelist = ["/auth/login", "/auth/register", "/users/me/confirm"];
+
+    if (!userinfo?.isLoggedIn && !whitelist.includes(path)) {
+      if (!e?.defaultPrevented) e?.preventDefault();
+      navigate(`/auth/login?redirect_uri=${path}`);
+    }
+  }
+
+  useBeforeLeave((e: BeforeLeaveEventArgs) => keepGate(e.to.toString().split("?")[0], e));
+
  return (
    <Show when={ready()} fallback={
      <div class="h-screen w-screen flex justify-center items-center">
--- a/view/src/pages/auth/login.tsx
+++ b/view/src/pages/auth/login.tsx
@ -15,7 +15,7 @@ export default function LoginPage() {
  const [challenge, setChallenge] = createSignal<any>();
  const [stage, setStage] = createSignal("starting");

-  const[searchParams] = useSearchParams()
+  const [searchParams] = useSearchParams();

  const navigate = useNavigate();

@ -212,8 +212,22 @@ export default function LoginPage() {
          </div>
        </div>

+        <Show when={searchParams["redirect_uri"]}>
+          <div id="redirect-info" class="mt-3">
+            <div role="alert" class="alert shadow-xl">
+              <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24"
+                   class="stroke-info shrink-0 w-6 h-6">
+                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2"
+                      d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z"></path>
+              </svg>
+              <span>You need to login before access that.</span>
+            </div>
+          </div>
+        </Show>
+
        <div class="text-sm text-center mt-3">
-          <a target="_blank" href="/auth/register?closable=yes" class="link">Haven't an account? Click here to create one!</a>
+          <a target="_blank" href="/auth/register?closable=yes" class="link">Haven't an account? Click here to create
+            one!</a>
        </div>
      </div>
    </div>