bo/worklenz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): add combined AuthAndSetupGuard for route protection

Browse Source 
- Introduced AuthAndSetupGuard to enforce both authentication and setup completion for protected routes.
- Updated main routes to utilize the new guard, ensuring users are redirected appropriately based on their authentication and setup status.
- Adjusted setup route to only require authentication, allowing access without completed setup.
- Refactored account setup component to use custom dispatch hook for improved state management and added session refresh after setup completion.
This commit is contained in:
chamikaJ
2025-07-15 15:34:43 +05:30
parent 0bb748cf89
commit 6e911d79fc
2 changed files with 37 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
worklenz-frontend/src/app/routes/index.tsx
View File

@@ -90,6 +90,23 @@ export const SetupGuard = memo(({ children }: GuardProps) => {
SetupGuard.displayName = 'SetupGuard';
// Combined guard for routes that require both authentication and setup completion
export const AuthAndSetupGuard = memo(({ children }: GuardProps) => {
const { isAuthenticated, isSetupComplete, location } = useAuthStatus();
if (!isAuthenticated) {
return <Navigate to="/auth" state={{ from: location }} replace />;
}
if (!isSetupComplete) {
return <Navigate to="/worklenz/setup" />;
}
return <>{children}</>;
});
AuthAndSetupGuard.displayName = 'AuthAndSetupGuard';
// Optimized route wrapping function with Suspense boundaries
const wrapRoutes = (
routes: RouteObject[],
@@ -171,9 +188,11 @@ StaticLicenseExpired.displayName = 'StaticLicenseExpired';
// Create route arrays (moved outside of useMemo to avoid hook violations)
const publicRoutes = [...rootRoutes, ...authRoutes, notFoundRoute];
const protectedMainRoutes = wrapRoutes(mainRoutes, AuthGuard);
// Apply combined guard to main routes that require both auth and setup completion
const protectedMainRoutes = wrapRoutes(mainRoutes, AuthAndSetupGuard);
const adminRoutes = wrapRoutes(reportingRoutes, AdminGuard);
const setupRoutes = wrapRoutes([accountSetupRoute], SetupGuard);
// Setup route should be accessible without setup completion, only requires authentication
const setupRoutes = wrapRoutes([accountSetupRoute], AuthGuard);
// License expiry check function
const withLicenseExpiryCheck = (routes: RouteObject[]): RouteObject[] => {