Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update auth config to allow authorized images (#400) #422

Closed
wants to merge 2 commits into from
Closed

Update auth config to allow authorized images (#400) #422

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8c522fe
update auth config to allow images (#400)
tylerhoward15 Nov 10, 2023
a845b23
Merge branch 'main' into pr/422
delbaoliveira Nov 16, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions dashboard/final-example/auth.config.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,12 @@ export const authConfig = {
callbacks: {
authorized({ auth, request: { nextUrl } }) {
const isLoggedIn = !!auth?.user;
const isOnDashboard = nextUrl.pathname.startsWith('/dashboard');
if (isOnDashboard) {
const protectedPaths = ['/dashboard', '/customers', '/invoices'];
const isProtectedPath = protectedPaths.some((path) =>
nextUrl.pathname.startsWith(path),
);
Comment on lines +14 to +17
Copy link
Collaborator

@delbaoliveira delbaoliveira Nov 16, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @tylerhoward15, thank you for the contribution. This was resolved in this PR: #355

Are you still seeing broken images? I'm not able to reproduce.

In either case:

  • The protected pathname starts with /dashboard. E.g. /dashboard/customers. So startsWith would evaluate to false for /customers.
  • I think it's slightly better practice to protect a route higher up (/dashboard), so that if we add or change the name of a child segment, they'd automatically be protected.


if (isProtectedPath) {
if (isLoggedIn) return true;
return false; // Redirect unauthenticated users to login page
} else if (isLoggedIn) {
Expand Down
Loading