Skip to content

Commit

Permalink
fix: don't redirect callback to login when using 'auth' globally (#131)
Browse files Browse the repository at this point in the history
Also, if dev has disabled redirect (all or callback/login), supported according to the options documentation, don't let that affect the middleware here.
  • Loading branch information
benmccallum authored and pi0 committed Apr 11, 2018
1 parent 7d17f75 commit 08d86cb
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions lib/core/middleware.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,17 +14,21 @@ Middleware.auth = function (ctx) {
return
}

const { login } = ctx.app.$auth.options.redirect
const { login, callback } = ctx.app.$auth.options.redirect

if (ctx.app.$auth.$state.loggedIn) {
// -- Authorized --
// Redirect to home page if inside login page
if (login && ctx.route.path === login.split('?')[0]) {
// Redirect to home page if inside login page (or login page disabled)
if (!login || ctx.route.path === login.split('?')[0]) {
ctx.app.$auth.redirect('home')
}
} else {
// -- Guest --
// Redirect to login path if not authorized
ctx.app.$auth.redirect('login')
// Redirect to login page if not authorized and not inside callback page
// (Those passing `callback` at runtime need to mark their callback component
// with `auth: false` to avoid an unnecessary redirect from callback to login)
if (!callback || ctx.route.path !== callback.split('?')[0]) {
ctx.app.$auth.redirect('login')
}
}
}

0 comments on commit 08d86cb

Please sign in to comment.