search

ctc-uci / authentication-frontend

MIT License
1 stars 0 forks source link

protected routes #12

Closed ctc-devops closed 2 years ago

ctc-devops commented 2 years ago

Add a wrapper around Route from react-router-dom to prevent users who aren't logged in from visiting certain pages. Also add functionality for role based access, but don't worry about implementing user roles (user roles will be stored in cookies).

See the WMK example from last year. verifyToken will be completed in a later sprint, so just add a dummy function there for now.

closes #9

claudeisakeeb commented 2 years ago

This is a pretty barebones implementation. For "functionality for role based access" should we write some sample code and comment it out or how should we show it?

ZubairSidhu commented 2 years ago

For role based access, assume that the users role is stored in a cookie named role, then pass a prop to ProtectedRoute that allows developers to specify which roles should have access using an array of strings. ex:

<ProtectedRoute path="/admin-only" component={AdminOnly} roles={["admin"]} />
<ProtectedRoute path="/user-only" component={UserOnly} roles={["user"]} />
<ProtectedRoute path="/both" component={Both} roles={["admin", "user"]} />

You can set this role cookie yourself in a few different ways, but using inspect element might be the easiest. Feel free to take a look at #14 for more context on the role cookie.

claudeisakeeb commented 2 years ago

For role based access, assume that the users role is stored in a cookie named role, then pass a prop to ProtectedRoute that allows developers to specify which roles should have access using an array of strings. ex:

<ProtectedRoute path="/admin-only" component={AdminOnly} roles={["admin"]} />
<ProtectedRoute path="/user-only" component={UserOnly} roles={["user"]} />
<ProtectedRoute path="/both" component={Both} roles={["admin", "user"]} />

You can set this role cookie yourself in a few different ways, but using inspect element might be the easiest. Feel free to take a look at #14 for more context on the role cookie.

Ok I think we will wait until #14 makes their final changes and gets merged

claudeisakeeb commented 2 years ago

I addressed all changes but this code doesn't work without the new ROLE attribute in cookieKeys introduced in #14 (my local file includes it so I could test but it's not pushed since it's part of 14) Probably best if 14 is merged first and then I can merge everything into here...or I can just pre-emptively merge right now if you guys want.

Vakhshoori101 commented 2 years ago

14 has been merged! feel free to update your branch so you get everything to work :)

claudeisakeeb commented 2 years ago

Merged