fix: enforce header nav access control for public modules (#4889)
This commit is contained in:
+18
-1
@@ -17,7 +17,9 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
For commercial licensing, please contact support@quantumnous.com
|
||||
*/
|
||||
import z from 'zod'
|
||||
import { createFileRoute } from '@tanstack/react-router'
|
||||
import { createFileRoute, redirect } from '@tanstack/react-router'
|
||||
import { useAuthStore } from '@/stores/auth-store'
|
||||
import { getFreshModuleAccess } from '@/lib/nav-modules'
|
||||
import { ModelDetails } from '@/features/pricing/components/model-details'
|
||||
|
||||
const modelDetailsSearchSchema = z.object({
|
||||
@@ -35,5 +37,20 @@ const modelDetailsSearchSchema = z.object({
|
||||
|
||||
export const Route = createFileRoute('/pricing/$modelId/')({
|
||||
validateSearch: modelDetailsSearchSchema,
|
||||
beforeLoad: async ({ location }) => {
|
||||
const access = await getFreshModuleAccess('pricing')
|
||||
if (!access.enabled) {
|
||||
throw redirect({ to: '/' })
|
||||
}
|
||||
if (access.requireAuth) {
|
||||
const { auth } = useAuthStore.getState()
|
||||
if (!auth.user) {
|
||||
throw redirect({
|
||||
to: '/sign-in',
|
||||
search: { redirect: location.href },
|
||||
})
|
||||
}
|
||||
}
|
||||
},
|
||||
component: ModelDetails,
|
||||
})
|
||||
|
||||
+18
-1
@@ -17,7 +17,9 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
For commercial licensing, please contact support@quantumnous.com
|
||||
*/
|
||||
import z from 'zod'
|
||||
import { createFileRoute } from '@tanstack/react-router'
|
||||
import { createFileRoute, redirect } from '@tanstack/react-router'
|
||||
import { useAuthStore } from '@/stores/auth-store'
|
||||
import { getFreshModuleAccess } from '@/lib/nav-modules'
|
||||
import { Pricing } from '@/features/pricing'
|
||||
|
||||
const pricingSearchSchema = z.object({
|
||||
@@ -35,5 +37,20 @@ const pricingSearchSchema = z.object({
|
||||
|
||||
export const Route = createFileRoute('/pricing/')({
|
||||
validateSearch: pricingSearchSchema,
|
||||
beforeLoad: async ({ location }) => {
|
||||
const access = await getFreshModuleAccess('pricing')
|
||||
if (!access.enabled) {
|
||||
throw redirect({ to: '/' })
|
||||
}
|
||||
if (access.requireAuth) {
|
||||
const { auth } = useAuthStore.getState()
|
||||
if (!auth.user) {
|
||||
throw redirect({
|
||||
to: '/sign-in',
|
||||
search: { redirect: location.href },
|
||||
})
|
||||
}
|
||||
}
|
||||
},
|
||||
component: Pricing,
|
||||
})
|
||||
|
||||
+8
-5
@@ -18,9 +18,9 @@ For commercial licensing, please contact support@quantumnous.com
|
||||
*/
|
||||
import z from 'zod'
|
||||
import { createFileRoute, redirect } from '@tanstack/react-router'
|
||||
import { Rankings } from '@/features/rankings'
|
||||
import { getModuleAccess } from '@/lib/nav-modules'
|
||||
import { useAuthStore } from '@/stores/auth-store'
|
||||
import { getFreshModuleAccess } from '@/lib/nav-modules'
|
||||
import { Rankings } from '@/features/rankings'
|
||||
|
||||
const rankingsSearchSchema = z.object({
|
||||
period: z
|
||||
@@ -31,15 +31,18 @@ const rankingsSearchSchema = z.object({
|
||||
|
||||
export const Route = createFileRoute('/rankings/')({
|
||||
validateSearch: rankingsSearchSchema,
|
||||
beforeLoad: () => {
|
||||
const access = getModuleAccess('rankings')
|
||||
beforeLoad: async ({ location }) => {
|
||||
const access = await getFreshModuleAccess('rankings')
|
||||
if (!access.enabled) {
|
||||
throw redirect({ to: '/' })
|
||||
}
|
||||
if (access.requireAuth) {
|
||||
const { auth } = useAuthStore.getState()
|
||||
if (!auth.user) {
|
||||
throw redirect({ to: '/sign-in', search: { redirect: '/rankings' } })
|
||||
throw redirect({
|
||||
to: '/sign-in',
|
||||
search: { redirect: location.href },
|
||||
})
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user