-
-
Notifications
You must be signed in to change notification settings - Fork 376
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth example #433
Comments
Hey @Chojecki Are you providing or injecting your AuthService? |
Hi @Milad-Akarie At At So at Normally (with navigator 1.0 and previous auto router), at |
@Chojecki I believe there are more than one approach to this, your approach is still doable using auto_route 1.0.0. void main() async {
var isAuthenticated = await authService.state;
// native splash screen is showing until runApp is called
runApp(MyApp(authenticated: isAuthenticated));
}
class MyApp extends StatelessWidget {
final _appRouter = AppRouter();
final bool authenticated;
MyApp({Key? key, required this.authenticated}) : super(key: key);
@override
Widget build(BuildContext context) {
return MaterialApp.router(
theme: ThemeData.dark(),
routerDelegate: _appRouter.delegate(
initialRoutes: [if (authenticated) HomeRoute() else LoginRoute()],
),
} |
Thanks, will try. I think the initialRoutes approach is ok, but how to react on |
Hi @Milad-Akarie I like this approach. I suppose that with this approach we don't have to set the route as initial with '/' in the router setting right? I am also interested in how to implement AuthGuard when the token is expired. When user is navigating through the app. Which @Chojecki had mentioned. Also, speaking of token expiration. Do you have any suggestion of when to check whether the token is expired? I am thinking of checking it before every request. However, will this decrease the performance of the app? Sorry I am kinda new of handling this problem. Thanks! |
The way I do token expiration, is like so: I make a request to my server with my access token and the server checks if token is expired. If it is expired I return a 'bad-token' response to my client. Now, the client makes a request to the server to get a new token by sending a refresh token to the server. The server authenticates this long lived refresh token and returns a new access and refresh token to client, and the client makes the original request again. I did this from scratch but it's way too much work- which is why I use firebase auth now. |
Here are a list of solutions I can think of:
final _appRouter = AppRouter();
final _authRouter = AuthRouter();
RootStackRouter _getRouter(AuthState state) {
return state.maybeMap(
signedIn: (_) => _appRouter,
orElse: () => _authRouter,
);
}
...
MaterialApp.router(
routerDelegate: _getRouter(state).delegate(),
routeInformationParser:
_getRouter(state).defaultRouteParser(),
)
|
I think it's good practice to set an initial route. Excluding an initial route might mess with deep-linking because of prefix matching i think?
|
Thanks for answers. Ye, about auth, we are using Auth0 because solutions like Firebase Auth are quite limited in case of users roles (admin, read, write etc.) For now we ended with some imperative approach of For now AuthGuard like this, works (without logout on token expire case): // For now we are not using it. Things for future refactor to Navigator 2.0
class AuthGuard extends AutoRouteGuard {
@override
Future<bool> canNavigate(
List<PageRouteInfo> pendingRoutes, StackRouter router) async {
final context = router.navigatorKey.currentContext;
final auth = context.read(authContollerProvider.state);
return auth.map(
initial: (_) => true,
authenticated: (_) => true,
authenticatedMultiTenant: (_) => true,
unauthenticated: (_) {
router.root.push(LoginRoute());
return false;
});
}
}
|
@theweiweiway Thank you for providing some examples and insight of @Chojecki Thank you for also provide some suggestion and how you solved it currently. I will try to implement it and see how it goes. Since I am also using Bloc as my state management solution. 👍 |
If you guys using Bloc to handle auth, you could do BlocListener<AuthBloc, AuthState>(
listenWhen: (prevState, currState) {
if (prevState is LoggedIn && currState is LoggedOut) {
router.push(AuthRoute)
}
}
) Now, whenever the user goes from being logged in to logged out, they get pushed to the authentication page |
@theweiweiway Can I see the example of what you put in To clarify, I mean what should I provide in |
it looks like this: Basically, all routes that show up when user is logged out will be defined ikn the auth router: @MaterialAutoRouter(
replaceInRouteName: 'Page,Route',
routes: <AutoRoute>[
RedirectRoute(path: "/", redirectTo: "/auth"),
AutoRoute(
/// These auth routes are declaratively rendered. See
/// `AuthWrapperPage` to view how these routes are shown
page: AuthWrapperPage,
path: "/auth",
children: [
AutoRoute(path: "", page: AuthPage),
AutoRoute(path: "email", page: AuthEmailPage),
AutoRoute(path: "resend_email", page: AuthResendEmailPage),
AutoRoute(path: "verify_email", page: AuthVerifyEmailPage),
AutoRoute(path: "reenter_email", page: AuthReEnterEmailPage),
AutoRoute(path: "create", page: AuthCreatePage),
RedirectRoute(path: '*', redirectTo: ''),
],
),
AutoRoute(page: InvitePage, path: "/invite/:invite_id"),
RedirectRoute(path: '*', redirectTo: '/'),
],
)
class $AuthRouter {}
|
@theweiweiway Aesthetic 😘 Thank you! |
great, im gonna close this then! |
Can we see the routes of these 2 approuter? how do you setup the initial routes?
|
Hi, firstly the lib is awsome and thank you all contributors for working on it.
I have a bad times to understand what proper auth config should like like. In navigator 1.0 I just had a simple "Splash" Widget which checked the app state and switched the widget tree base on it: login/register is state isn't authenticated, app routes if state is.
With new version it seems to be impossible. I see the docs about Guard Routes but the use case is unreal (mocked auth state in auth guard) and I cant convert it to our use case.
I've seen this topic #290
Here the author switch routers in MaterialApp, but looks a little like a hack.
Is this possible to share a little more real example with Auth Service etc.
The text was updated successfully, but these errors were encountered: