neoris/openvidu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

frontend: Refactor authentication guards to use user roles and improve redirection logic

Browse Source
This commit is contained in:
juancarmore 2025-03-21 01:42:11 +01:00
parent 280dbea6dc
commit 59320f517d
2 changed files with 52 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
frontend/projects/shared-meet-components/src/lib/guards/admin-auth.guard.ts
View File

@ -1,19 +1,32 @@
import { inject } from '@angular/core'; import { inject } from '@angular/core';
import { ActivatedRouteSnapshot, CanActivateFn, Router, RouterStateSnapshot } from '@angular/router'; import { ActivatedRouteSnapshot, CanActivateFn, Router, RouterStateSnapshot } from '@angular/router';
import { AuthService } from '../services'; import { AuthService } from '../services';
import { Role } from '@lib/typings/ce';
export const checkAdminAuthenticatedGuard: CanActivateFn = async ( export const checkUserAuthenticatedGuard: CanActivateFn = async (
route: ActivatedRouteSnapshot, route: ActivatedRouteSnapshot,
state: RouterStateSnapshot _state: RouterStateSnapshot
) => { ) => {
const authService = inject(AuthService); const authService = inject(AuthService);
const router = inject(Router); const router = inject(Router);
// Check if admin is authenticated // Check if admin is authenticated
const isAuthenticated = await authService.isAdminAuthenticated(); const isAuthenticated = await authService.isUserAuthenticated();
if (!isAuthenticated) { if (!isAuthenticated) {
// Redirect to login page // Redirect to the login page specified in the route data when user is not authenticated
router.navigate(['console/login']); const { redirectToUnauthorized } = route.data;
router.navigate([redirectToUnauthorized]);
return false;
}
// Check if the user has the expected roles
const { expectedRoles } = route.data;
const userRole = authService.isAdmin() ? Role.ADMIN : Role.USER;
if (!expectedRoles.includes(userRole)) {
// Redirect to the page specified in the route data when user has an invalid role
const { redirectToInvalidRole } = route.data;
router.navigate([redirectToInvalidRole]);
return false; return false;
} }
@ -21,18 +34,19 @@ export const checkAdminAuthenticatedGuard: CanActivateFn = async (
return true; return true;
}; };
export const checkAdminNotAuthenticatedGuard: CanActivateFn = async ( export const checkUserNotAuthenticatedGuard: CanActivateFn = async (
route: ActivatedRouteSnapshot, route: ActivatedRouteSnapshot,
state: RouterStateSnapshot _state: RouterStateSnapshot
) => { ) => {
const authService = inject(AuthService); const authService = inject(AuthService);
const router = inject(Router); const router = inject(Router);
// Check if admin is not authenticated // Check if user is not authenticated
const isAuthenticated = await authService.isAdminAuthenticated(); const isAuthenticated = await authService.isUserAuthenticated();
if (isAuthenticated) { if (isAuthenticated) {
// Redirect to console page // Redirect to the page specified in the route data
router.navigate(['console']); const { redirectTo } = route.data;
router.navigate([redirectTo]);
return false; return false;
} }

33
frontend/projects/shared-meet-components/src/lib/routes/base-routes.ts
View File

@ -2,8 +2,8 @@ import { Routes } from '@angular/router';
import { UnauthorizedComponent } from '../components'; import { UnauthorizedComponent } from '../components';
import { import {
checkAdminAuthenticatedGuard, checkUserAuthenticatedGuard,
checkAdminNotAuthenticatedGuard, checkUserNotAuthenticatedGuard,
validateRoomAccessGuard, validateRoomAccessGuard,
applicationModeGuard, applicationModeGuard,
extractQueryParamsGuard, extractQueryParamsGuard,
@ -26,21 +26,42 @@ import {
VideoRoomComponent VideoRoomComponent
} from '../pages'; } from '../pages';
import { LoginComponent } from '@lib/pages/login/login.component'; import { LoginComponent } from '@lib/pages/login/login.component';
import { Role } from '@lib/typings/ce';
export const baseRoutes: Routes = [ export const baseRoutes: Routes = [
{ path: '', component: RoomCreatorComponent }, {
{ path: 'login', component: LoginComponent }, path: '',
component: RoomCreatorComponent,
canActivate: [checkUserAuthenticatedGuard],
data: {
expectedRoles: [Role.USER],
redirectToUnauthorized: 'login',
redirectToInvalidRole: 'console'
}
},
{
path: 'login',
component: LoginComponent,
canActivate: [checkUserNotAuthenticatedGuard],
data: { redirectTo: '' }
},
{ path: 'disconnected', component: DisconnectedComponent }, { path: 'disconnected', component: DisconnectedComponent },
{ path: 'unauthorized', component: UnauthorizedComponent }, { path: 'unauthorized', component: UnauthorizedComponent },
{ {
path: 'console/login', path: 'console/login',
component: ConsoleLoginComponent, component: ConsoleLoginComponent,
canActivate: [checkAdminNotAuthenticatedGuard] canActivate: [checkUserNotAuthenticatedGuard],
data: { redirectTo: 'console' }
}, },
{ {
path: 'console', path: 'console',
component: ConsoleComponent, component: ConsoleComponent,
canActivate: [checkAdminAuthenticatedGuard], canActivate: [checkUserAuthenticatedGuard],
data: {
expectedRoles: [Role.ADMIN],
redirectToUnauthorized: 'console/login',
redirectToInvalidRole: ''
},
children: [ children: [
{ {
path: '', path: '',