forked from halo-dev/halo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth-check.ts
82 lines (69 loc) · 1.91 KB
/
auth-check.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
import { rbacAnnotations } from "@/constants/annotations";
import { useUserStore } from "@/stores/user";
import type { Router } from "vue-router";
const whiteList = ["Setup", "Login", "Binding", "ResetPassword", "Redirect"];
export function setupAuthCheckGuard(router: Router) {
router.beforeEach((to, from, next) => {
const userStore = useUserStore();
if (userStore.isAnonymous) {
if (whiteList.includes(to.name as string)) {
next();
return;
}
next({
name: "Login",
query: {
redirect_uri: encodeURIComponent(window.location.href),
},
});
return;
} else {
if (to.name === "Login") {
if (to.query.redirect_uri) {
next({
name: "Redirect",
query: {
redirect_uri: to.query.redirect_uri,
},
});
return;
}
const roleHasRedirectOnLogin = userStore.currentRoles?.find(
(role) =>
role.metadata.annotations?.[rbacAnnotations.REDIRECT_ON_LOGIN]
);
if (roleHasRedirectOnLogin) {
window.location.href =
roleHasRedirectOnLogin.metadata.annotations?.[
rbacAnnotations.REDIRECT_ON_LOGIN
] || "/uc";
return;
}
next({
name: "Dashboard",
});
return;
}
if (to.name && whiteList.includes(to.name as string)) {
next();
return;
}
// Check allow access console
const { currentRoles } = userStore;
const hasDisallowAccessConsoleRole = currentRoles?.some((role) => {
return (
role.metadata.annotations?.[
rbacAnnotations.DISALLOW_ACCESS_CONSOLE
] === "true"
);
});
if (hasDisallowAccessConsoleRole) {
window.location.href = "/uc";
return;
}
next();
return;
}
next();
});
}