Ryth Azhur
27c30d7e50
allauth/ (44 files) is a django-allauth React UI — a separate concern from the Mizan protocol. Moved to legacy/ pending extraction into a standalone mizan-django-allauth package. Also moved to legacy/: - client/AuthContext.tsx — generic auth state from /me endpoint - client/RouterContext.tsx — framework-agnostic router adapter - client/routing.tsx — UserRoute/StaffRoute/AnonymousRoute guards - client/nextjs.tsx — Next.js router adapter for auth These are auth UI infrastructure, not Mizan protocol. The Mizan core only needs JWT for auth header selection (jwt/ stays — MizanProvider depends on useJWT() to decide between Bearer and session auth). Cleaned up re-exports in client/react.ts and vitest aliases. 33 React tests pass. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
75 lines
2.4 KiB
TypeScript
75 lines
2.4 KiB
TypeScript
'use client'
|
|
|
|
import { useEffect, type ReactNode } from 'react'
|
|
import { useRouter } from './RouterContext'
|
|
import { useAuth, useAuthRoutes } from './AuthContext'
|
|
|
|
/**
|
|
* Route guard that only renders children if the user is authenticated.
|
|
* Redirects to login page if not authenticated.
|
|
*/
|
|
export function UserRoute({ children }: { children: ReactNode }) {
|
|
const router = useRouter()
|
|
const routes = useAuthRoutes()
|
|
const { isAuthenticated } = useAuth()
|
|
|
|
useEffect(() => {
|
|
if (!isAuthenticated) {
|
|
const searchParams = router.searchParams.toString()
|
|
const currentPath = searchParams
|
|
? `${router.pathname}?${searchParams}`
|
|
: router.pathname
|
|
const next = encodeURIComponent(currentPath)
|
|
router.replace(`${routes.login}?next=${next}`)
|
|
}
|
|
}, [isAuthenticated, router, routes.login])
|
|
|
|
if (!isAuthenticated) return null
|
|
return children
|
|
}
|
|
|
|
/**
|
|
* Route guard that only renders children if the user is authenticated AND is staff.
|
|
* Redirects to login if not authenticated, or to authenticated route if not staff.
|
|
*/
|
|
export function StaffRoute({ children }: { children: ReactNode }) {
|
|
const router = useRouter()
|
|
const routes = useAuthRoutes()
|
|
const { isAuthenticated, isStaff } = useAuth()
|
|
|
|
useEffect(() => {
|
|
if (!isAuthenticated) {
|
|
const searchParams = router.searchParams.toString()
|
|
const currentPath = searchParams
|
|
? `${router.pathname}?${searchParams}`
|
|
: router.pathname
|
|
const next = encodeURIComponent(currentPath)
|
|
router.replace(`${routes.login}?next=${next}`)
|
|
} else if (!isStaff) {
|
|
router.replace(routes.authenticated)
|
|
}
|
|
}, [isAuthenticated, isStaff, router, routes])
|
|
|
|
if (!isAuthenticated || !isStaff) return null
|
|
return children
|
|
}
|
|
|
|
/**
|
|
* Route guard that only renders children if the user is NOT authenticated.
|
|
* Redirects to authenticated route if already logged in.
|
|
*/
|
|
export function AnonymousRoute({ children }: { children: ReactNode }) {
|
|
const router = useRouter()
|
|
const routes = useAuthRoutes()
|
|
const { isAuthenticated } = useAuth()
|
|
|
|
useEffect(() => {
|
|
if (isAuthenticated) {
|
|
router.replace(routes.authenticated)
|
|
}
|
|
}, [isAuthenticated, routes.authenticated, router])
|
|
|
|
if (isAuthenticated) return null
|
|
return children
|
|
}
|