Skip to content

fix: enforce tenant data isolation and centralize auth #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mindsers merged 2 commits into from
Apr 10, 2026
Merged

fix: enforce tenant data isolation and centralize auth #13

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4ae3f93
fix: restore congregation context in all loaders before scoped queries
mindsers Apr 10, 2026
ed983af
refactor: centralize auth into authenticateAndAuthorize wrapper
mindsers Apr 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions app/features/authentication/routes/login.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ export const meta: Route.MetaFunction = () => {
}

export async function loader({ request }: Route.LoaderArgs) {
// Vérifier que le sous-domaine correspond à une assemblée existante
// Verify that the subdomain matches an existing congregation
await resolveCongregationFromRequest(request)

const shouldStartSetup = await needSetupProcess()
Expand All @@ -33,7 +33,7 @@ export async function loader({ request }: Route.LoaderArgs) {

const session = await getSession(request.headers.get('Cookie'))
if (session.has('userId') === true) {
// En mode multi-tenant, vérifier que la session correspond à l'assemblée du sous-domaine
// In multi-tenant mode, verify the session matches the subdomain's congregation
const urlCongregation = await resolveCongregationFromRequest(request)
if (urlCongregation) {
const uid = Number(session.get('userId'))
Expand Down
8 changes: 4 additions & 4 deletions app/features/authentication/routes/password-invalidation.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ import ResetPasswordRequired from 'emails/reset-password-required'
import { redirect } from 'react-router'
import { createPasswordResetToken } from '~/features/authentication/server/invalidate-user-password.server'
import { sendResetUserPasswordEmail } from '~/features/authentication/server/send-reset-user-password-email.server'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { resolveCongregation } from '~/shared/libs/congregation.server'
import { unscopedDb as db } from '~/shared/libs/db.server'
import { requireParamId } from '~/shared/libs/params.server'
Expand All @@ -19,8 +19,8 @@ export function loader() {
}

export async function action({ request, params }: Route.ActionArgs) {
const { session } = await verifySession(request)
const canManageUser = await verifyRole(request, Role.SettingsUserManager)
const { session, can } = await authenticateAndAuthorize(request, [Role.SettingsUserManager])
const canManageUser = can(Role.SettingsUserManager)

if (!canManageUser) throw redirect('/')

Expand Down
4 changes: 2 additions & 2 deletions app/features/authentication/routes/user/_layout.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
import { Outlet } from 'react-router'
import { verifySession } from '~/features/authentication/server/session.server'

import type { Route } from './+types/_layout'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'

export const meta: Route.MetaFunction = () => {
return [{ title: 'Mon compte - Unitae' }]
}

export async function loader({ request }: Route.LoaderArgs) {
await verifySession(request)
await authenticateAndAuthorize(request)
return {}
}

Expand Down
8 changes: 4 additions & 4 deletions app/features/authentication/routes/user/profile.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { Form, redirect } from 'react-router'
import { changeUserPassword } from '~/features/authentication/server/change-user-password.server'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import logger from '~/shared/libs/logger.server'
import { Alert, AlertDescription } from '~/shared/ui/alert'
import { Button } from '~/shared/ui/button'
Expand All @@ -10,14 +10,14 @@ import { Label } from '~/shared/ui/label'
import { PageHeader } from '~/shared/ui/PageHeader'

import type { Route } from './+types/profile'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'

export const meta: Route.MetaFunction = () => {
return [{ title: 'Mon profil - Unitae' }]
}

export async function loader({ request }: Route.LoaderArgs) {
const { currentUser, session, congregation } = await verifySession(request)

const { currentUser, session, congregation } = await authenticateAndAuthorize(request)
logger.info(`Loading profile data. User ID: ${currentUser.id}.`)

return {
Expand Down Expand Up @@ -98,7 +98,7 @@ export default function ProfilePage({ loaderData }: Route.ComponentProps) {
}

export async function action({ request }: Route.ActionArgs) {
const { session, currentUser } = await verifySession(request)
const { session, currentUser } = await authenticateAndAuthorize(request)
const formData = await request.formData()
const password = formData.get('password')
const newPassword = formData.get('new_password')
Expand Down
2 changes: 1 addition & 1 deletion app/features/authentication/server/session.server.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ export async function verifySession(request: Request) {
})
}

// En mode multi-tenant, vérifier que le sous-domaine correspond à l'assemblée de l'utilisateur
// In multi-tenant mode, verify that the subdomain matches the user's congregation
const urlCongregation = await resolveCongregationFromRequest(request)
if (urlCongregation && urlCongregation.id !== user.congregationId) {
throw redirect('/login', {
Expand Down
2 changes: 1 addition & 1 deletion app/features/authorization/server/verify-role.server.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ export async function verifyRole(request: Request, roleKey: Role) {
})

if (adminRole != null) {
// Restaurer le contexte ALS — les requêtes unscopedDb via l'adaptateur pg le cassent
// Restore ALS context — unscopedDb queries via the pg adapter break it
congregationContext.enterWith({ congregationId })
return true
}
Expand Down
18 changes: 9 additions & 9 deletions app/features/board/routes/_layout.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,21 +1,21 @@
import { data, Outlet } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import type { Route } from './+types/_layout'

export const meta: Route.MetaFunction = () => {
return [{ title: `Tableau d'affichage - Unitae` }]
}

export async function loader({ request }: Route.LoaderArgs) {
const { session } = await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const canViewTerritories = await verifyRole(request, Role.TerritoriesViewer)
const canManageSettings = await verifyRole(request, Role.SettingsUserManager)
const canViewPublishers = await verifyRole(request, Role.PublisherViewer)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const canViewProspection = await verifyRole(request, Role.ProspectionViewer)
const { session, can } = await authenticateAndAuthorize(request, [Role.BoardUploader, Role.TerritoriesViewer, Role.SettingsUserManager, Role.PublisherViewer, Role.BoardValidator, Role.ProspectionViewer])
const canUploadDocument = can(Role.BoardUploader)
const canViewTerritories = can(Role.TerritoriesViewer)
const canManageSettings = can(Role.SettingsUserManager)
const canViewPublishers = can(Role.PublisherViewer)
const canManageBoard = can(Role.BoardValidator)
const canViewProspection = can(Role.ProspectionViewer)

const messages = { success: session.get('success'), error: session.get('error') }
return data(
Expand Down
12 changes: 6 additions & 6 deletions app/features/board/routes/documents/delete.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { Form, redirect } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { deleteFile } from '~/features/board/server/document'
import { db } from '~/shared/libs/db.server'
import logger from '~/shared/libs/logger.server'
Expand All @@ -12,8 +12,8 @@ import { Card, CardContent } from '~/shared/ui/card'
import type { Route } from './+types/delete'

export async function loader({ request, params }: Route.LoaderArgs) {
await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const { can } = await authenticateAndAuthorize(request, [Role.BoardUploader])
const canUploadDocument = can(Role.BoardUploader)

if (!canUploadDocument) {
throw redirect('/')
Expand Down Expand Up @@ -48,8 +48,8 @@ export default function DeleteDocumentPage({ loaderData }: Route.ComponentProps)
}

export async function action({ request, params }: Route.ActionArgs) {
const { session, currentUser } = await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const { session, currentUser, can } = await authenticateAndAuthorize(request, [Role.BoardUploader])
const canUploadDocument = can(Role.BoardUploader)

if (!canUploadDocument) {
throw redirect('/')
Expand Down
14 changes: 7 additions & 7 deletions app/features/board/routes/documents/edit.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { Trash2 } from 'lucide-react'
import { Form, Link, redirect } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { db } from '~/shared/libs/db.server'
import { requireParamId } from '~/shared/libs/params.server'
import { Button } from '~/shared/ui/button'
Expand All @@ -18,9 +18,9 @@ export const meta: Route.MetaFunction = () => {
}

export async function loader({ request, params }: Route.LoaderArgs) {
await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { can } = await authenticateAndAuthorize(request, [Role.BoardUploader, Role.BoardValidator])
const canUploadDocument = can(Role.BoardUploader)
const canManageBoard = can(Role.BoardValidator)

if (!canUploadDocument) {
throw redirect('/')
Expand Down Expand Up @@ -156,8 +156,8 @@ export default function EditDocumentPage({ loaderData }: Route.ComponentProps) {
}

export async function action({ request, params }: Route.ActionArgs) {
const { session } = await verifySession(request)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { session, can } = await authenticateAndAuthorize(request, [Role.BoardValidator])
const canManageBoard = can(Role.BoardValidator)

const form = await request.formData()
const title = String(form.get('title'))
Expand Down
7 changes: 3 additions & 4 deletions app/features/board/routes/documents/list.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
import { ChevronDown, ChevronUp, Eye, FileText, Pencil, Trash2 } from 'lucide-react'
import { Form, Link, redirect } from 'react-router'
import { verifySession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { DocumentVisibility } from '~/features/board/ui/DocumentVisibility'
import { db } from '~/shared/libs/db.server'
import logger from '~/shared/libs/logger.server'
Expand All @@ -19,8 +18,8 @@ export const meta: Route.MetaFunction = () => {
}

export async function loader({ request }: Route.LoaderArgs) {
const { currentUser } = await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const { currentUser, can } = await authenticateAndAuthorize(request, [Role.BoardUploader])
const canUploadDocument = can(Role.BoardUploader)

if (!canUploadDocument) {
logger.warn(`Tried to load board documents. User ID: ${currentUser.id}. Does NOT have rights to upload document.`)
Expand Down
8 changes: 4 additions & 4 deletions app/features/board/routes/documents/move-down.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { redirect } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { db } from '~/shared/libs/db.server'
import { requireParamId } from '~/shared/libs/params.server'

Expand All @@ -12,8 +12,8 @@ export function loader(_args: Route.LoaderArgs) {
}

export async function action({ request, params }: Route.ActionArgs) {
const { session } = await verifySession(request)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { session, can } = await authenticateAndAuthorize(request, [Role.BoardValidator])
const canManageBoard = can(Role.BoardValidator)

if (!canManageBoard) {
throw redirect('/')
Expand Down
8 changes: 4 additions & 4 deletions app/features/board/routes/documents/move-up.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { redirect } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { db } from '~/shared/libs/db.server'
import { requireParamId } from '~/shared/libs/params.server'

Expand All @@ -12,8 +12,8 @@ export function loader(_args: Route.LoaderArgs) {
}

export async function action({ request, params }: Route.ActionArgs) {
const { session } = await verifySession(request)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { session, can } = await authenticateAndAuthorize(request, [Role.BoardValidator])
const canManageBoard = can(Role.BoardValidator)

if (!canManageBoard) {
throw redirect('/')
Expand Down
17 changes: 8 additions & 9 deletions app/features/board/routes/documents/new.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { type FileUpload, parseFormData } from '@mjackson/form-data-parser'
import { Form, redirect } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { saveFile } from '~/features/board/server/document'
import { sendNewDocumentNotificationEmail } from '~/features/board/server/notifications'
import { db } from '~/shared/libs/db.server'
Expand All @@ -21,9 +21,9 @@ export const meta: Route.MetaFunction = () => {
}

export async function loader({ request }: Route.LoaderArgs) {
const { currentUser } = await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { currentUser, can } = await authenticateAndAuthorize(request, [Role.BoardUploader, Role.BoardValidator])
const canUploadDocument = can(Role.BoardUploader)
const canManageBoard = can(Role.BoardValidator)

if (!canUploadDocument) {
logger.warn(
Expand Down Expand Up @@ -132,10 +132,9 @@ export default function NewDocumentPage({ loaderData }: Route.ComponentProps) {
}

export async function action({ request }: Route.ActionArgs) {
const { currentUser, session, congregation } = await verifySession(request)

const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { currentUser, session, congregation, can } = await authenticateAndAuthorize(request, [Role.BoardUploader, Role.BoardValidator])
const canUploadDocument = can(Role.BoardUploader)
const canManageBoard = can(Role.BoardValidator)

if (!canUploadDocument) {
logger.warn(
Expand Down
4 changes: 2 additions & 2 deletions app/features/board/routes/documents/pdf-loader.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
import { redirect } from 'react-router'
import { verifySession } from '~/features/authentication/server/session.server'
import { getFileStream } from '~/features/board/server/document'
import { db } from '~/shared/libs/db.server'
import logger from '~/shared/libs/logger.server'
import { requireParamId } from '~/shared/libs/params.server'

import type { Route } from './+types/pdf-loader'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'

export const meta: Route.MetaFunction = () => {
return [{ title: `Tableau d'affichage - Unitae` }]
}

export async function loader({ params, request }: Route.LoaderArgs) {
const { currentUser } = await verifySession(request)
const { currentUser } = await authenticateAndAuthorize(request)
logger.info(`Loading document ID: ${params.documentId}. User ID: ${currentUser.id}.`, { currentUser })

const document = await db.boardDocument.update({
Expand Down
9 changes: 4 additions & 5 deletions app/features/board/routes/index.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { FileText } from 'lucide-react'
import { verifySession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { DocumentCard } from '~/features/board/ui/DocumentCard'
import { db } from '~/shared/libs/db.server'
import logger from '~/shared/libs/logger.server'
Expand All @@ -14,9 +13,9 @@ export const meta: Route.MetaFunction = () => {
}

export async function loader({ request }: Route.LoaderArgs) {
const { currentUser } = await verifySession(request)
const canUploadDocument = await verifyRole(request, Role.BoardUploader)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { currentUser, can } = await authenticateAndAuthorize(request, [Role.BoardUploader, Role.BoardValidator])
const canUploadDocument = can(Role.BoardUploader)
const canManageBoard = can(Role.BoardValidator)

const folders = await db.boardSection.findMany({
where: {},
Expand Down
12 changes: 6 additions & 6 deletions app/features/board/routes/sections/delete.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { Form, redirect } from 'react-router'
import { commitSession, verifySession } from '~/features/authentication/server/session.server'
import { commitSession } from '~/features/authentication/server/session.server'
import { Role } from '~/features/authorization/model/roles.type'
import { verifyRole } from '~/features/authorization/server/verify-role.server'
import { authenticateAndAuthorize } from '~/shared/libs/auth.server'
import { db } from '~/shared/libs/db.server'
import { requireParamId } from '~/shared/libs/params.server'
import { Button } from '~/shared/ui/button'
Expand All @@ -10,8 +10,8 @@ import { Card, CardContent } from '~/shared/ui/card'
import type { Route } from './+types/delete'

export async function loader({ request, params }: Route.LoaderArgs) {
await verifySession(request)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { can } = await authenticateAndAuthorize(request, [Role.BoardValidator])
const canManageBoard = can(Role.BoardValidator)

if (!canManageBoard) {
throw redirect('/')
Expand Down Expand Up @@ -46,8 +46,8 @@ export default function DeleteSectionPage({ loaderData }: Route.ComponentProps)
}

export async function action({ request, params }: Route.ActionArgs) {
const { session } = await verifySession(request)
const canManageBoard = await verifyRole(request, Role.BoardValidator)
const { session, can } = await authenticateAndAuthorize(request, [Role.BoardValidator])
const canManageBoard = can(Role.BoardValidator)

if (!canManageBoard) {
throw redirect('/')
Expand Down
Loading
Loading