Should not be able to go to /dashboard without being logged in including authentication and authorization

[gbowne1]

/dashboard should be protected route.

I am able to go directly to /dashboard manually without putting in my login by just adding /dashboard.

[jzunigarce]

This weekend I will implement the middleware to protect the routes.

[gbowne1]

great. I was looking up a bunch of stuff for that.

I'm working on making the reusable navbar component. in /src/client/public/coomponents/navbar/ right now.

[gbowne1]

I am thinking we might need something like this

app.post('/login', (req, res) => {
  // Perform authentication and authorization checks
  // If successful, redirect the user to the desired page
  if (authenticationSuccessful && authorizationSuccessful) {
    res.redirect('/dashboard');
  } else {
    // Handle authentication or authorization failure
    res.redirect('/login');
  }
});

[gbowne1]

yeah thats a good idea. @jzunigarce

[gbowne1]

I tried this.. it isn't really working as a redirect after /login authentication && authorization is good over to the route /dashboard.

[jzunigarce]

I added a middleware in the dashboard route and it doesn't let me enter directly without logging in, however I tried to create an account and log in on the front and it throws some errors, it won't let me log in.

[gbowne1]

yeah I had that same problem

[gbowne1]

I still register a user, then try to log in with that user and password, and click check button and then click login and it does not go to /dashboard automatically if the login is good.

[jzunigarce]

I hace a error on frontend. If login is successful and you use ajax you should redirect with js

[gbowne1]

I couldnt find a redirect anywhere.

[jzunigarce]

When you recibe a response of ok on login, you should redirect with window.location.replace

[gbowne1]

I was trying to avoid Ajax. That sounds about right to me though. Still feels to me like theres some bits missing.

[gbowne1]

res.redirect does not occur anywhere either even from a app.post or a router.post

[gbowne1]

I totally get the logged in object in the console... but theres no events to go with it

[jzunigarce]

The login in server was with the api, you should make with ajax, you can use fetch function. We hace SSR only for return page.

[gbowne1]

I am still getting a lot of wierd errors from the front end and every page in during the whole login process

[jzunigarce]

Can you take a ss of errors?

[gbowne1]

yeah

[gbowne1]

when on localhost:3000/login

[gbowne1]

when just on localhost:3000/

[jzunigarce]

The errors are from the js of frontend, we need refactory the js files

[gbowne1]

yeah, definitely. Like I mentioned before the initial files were just from the original projects. We still need to refactor around all the garbage/junk.

[gbowne1]

@jzunigarce I was able to fix some of the errors but some still exist. I added a app.use in the server.js to handle some issues with some .js files not getting the correct cors headers for xss, etc. Login still needs a lot of work.

Lately I have not been able to go to the /dashboard route no matter I am logged in or out. I don't know what's up.