This issue encapsulates recent updates made to the authentication logic and route protection within the application, aimed at refining user access and improving security measures.
Changes Include:
GeneralProtectedRoute Update:
File: src/router/GeneralProtectedRoute.jsx
Description: Introduced a new component GeneralProtectedRoute which checks if a user is logged in. If not logged, the user is redirected to the /login page. This route wrapper is used for general user access areas that do not require administrative privileges.
ProtectedRoute Enhancements:
File: src/router/ProtectedRoute.jsx
Description: Enhanced the ProtectedRoute component to include an additional admin check. It now not only verifies if the user is logged in but also checks if the user has administrative privileges (through isAdminRoute prop) before granting access to admin-specific routes. If the user is not an admin, they are redirected to the homepage (/).
Authentication Context and Provider Adjustments:
File: src/auth/context/AuthProvider.jsx
Description: Overhauled the AuthProvider component to include more robust session management. It introduces:
A new method checkSession to validate the session token periodically and ensure it's still valid, thus enhancing security.
Updated login logic to handle authentication and store user tokens and details in localStorage.
A logout function that cleans up user details from storage, ensuring a clean state upon user exit.
gabrielvaca
commented
7 months ago
Description:
This issue encapsulates recent updates made to the authentication logic and route protection within the application, aimed at refining user access and improving security measures.
Changes Include:
GeneralProtectedRoute Update: File: src/router/GeneralProtectedRoute.jsx Description: Introduced a new component GeneralProtectedRoute which checks if a user is logged in. If not logged, the user is redirected to the /login page. This route wrapper is used for general user access areas that do not require administrative privileges. ProtectedRoute Enhancements: File: src/router/ProtectedRoute.jsx Description: Enhanced the ProtectedRoute component to include an additional admin check. It now not only verifies if the user is logged in but also checks if the user has administrative privileges (through isAdminRoute prop) before granting access to admin-specific routes. If the user is not an admin, they are redirected to the homepage (/). Authentication Context and Provider Adjustments: File: src/auth/context/AuthProvider.jsx Description: Overhauled the AuthProvider component to include more robust session management. It introduces: A new method checkSession to validate the session token periodically and ensure it's still valid, thus enhancing security. Updated login logic to handle authentication and store user tokens and details in localStorage. A logout function that cleans up user details from storage, ensuring a clean state upon user exit.