halo/ui/console-src/router/guards/auth-check.ts

import { rbacAnnotations } from "@/constants/annotations";
import { useUserStore } from "@/stores/user";
import type { Router } from "vue-router";

const whiteList = ["Setup", "Login", "Binding", "ResetPassword", "Redirect"];

export function setupAuthCheckGuard(router: Router) {
  router.beforeEach((to, from, next) => {
    const userStore = useUserStore();

    if (userStore.isAnonymous) {
      if (whiteList.includes(to.name as string)) {
        next();
        return;
      }

      next({
        name: "Login",
        query: {
          redirect_uri: encodeURIComponent(window.location.href),
        },
      });
      return;
    } else {
      if (to.name === "Login") {
        if (to.query.redirect_uri) {
          next({
            name: "Redirect",
            query: {
              redirect_uri: to.query.redirect_uri,
            },
          });
          return;
        }

        const roleHasRedirectOnLogin = userStore.currentRoles?.find(
          (role) =>
            role.metadata.annotations?.[rbacAnnotations.REDIRECT_ON_LOGIN]
        );

        if (roleHasRedirectOnLogin) {
          window.location.href =
            roleHasRedirectOnLogin.metadata.annotations?.[
              rbacAnnotations.REDIRECT_ON_LOGIN
            ] || "/uc";
          return;
        }

        next({
          name: "Dashboard",
        });
        return;
      }

      if (to.name && whiteList.includes(to.name as string)) {
        next();
        return;
      }

      // Check allow access console
      const { currentRoles } = userStore;

      const hasDisallowAccessConsoleRole = currentRoles?.some((role) => {
        return (
          role.metadata.annotations?.[
            rbacAnnotations.DISALLOW_ACCESS_CONSOLE
          ] === "true"
        );
      });

      if (hasDisallowAccessConsoleRole) {
        window.location.href = "/uc";
        return;
      }

      next();
      return;
    }

    next();
  });
}
feat: support for configuring the redirection location after login for roles (#4918) #### What type of PR is this? /area console /kind feature /milestone 2.11.x #### What this PR does / why we need it: 支持为自定义的角色配置登录之后默认跳转位置。 #### Special notes for your reviewer: 1. 创建一个新的角色，设置跳转位置。 2. 为一个用户赋予这个角色。 3. 测试登录之后是否正常跳转到设置的位置。 #### Does this PR introduce a user-facing change? ```release-note 支持为自定义的角色配置登录之后默认跳转位置。 ``` 2023-11-27 14:10:09 +00:00			`import { rbacAnnotations } from "@/constants/annotations";`
refactor: managing logged-in user states with pinia (halo-dev/console#699) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 使用 Pinia 管理已授权用户信息，并提供判断是否是 `anonymousUser` 的方式。适配 https://github.com/halo-dev/halo/pull/2729 #### Special notes for your reviewer: /cc @halo-dev/sig-halo-console 测试流程： 1. Halo 需要切换到 https://github.com/halo-dev/halo/pull/2729 的分支。 2. 测试 Console 端的登录、退出等流程。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2022-11-23 08:39:29 +00:00			`import { useUserStore } from "@/stores/user";`
refactor: logic of user login (halo-dev/console#636) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 优化用户登录的逻辑。适配：https://github.com/halo-dev/halo/pull/2528 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/2506 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 优化用户登录的逻辑 ``` 2022-10-11 09:00:14 +00:00			`import type { Router } from "vue-router";`

fix: wrong router navigation when redirect to /uc (#5609) #### What type of PR is this? /kind bug /area ui #### What this PR does / why we need it: 修复当角色勾选禁止访问 Console 后，redirect_uri 参数无效的问题 #### How to test it? 测试角色禁止访问 console 时，当链接中携带 redirect_uri 参数，能否正常跳转 #### Which issue(s) this PR fixes: Fixes #5417 #### Does this PR introduce a user-facing change? ```release-note 修复当角色禁止访问 Console 后，redirect_uri 参数无效的问题 ``` 2024-03-27 13:14:06 +00:00			`const whiteList = ["Setup", "Login", "Binding", "ResetPassword", "Redirect"];`
feat: support user registration (#3631) #### What type of PR is this? /kind feature /area core /area console /milestone 2.4.0 #### What this PR does / why we need it: 新增用户注册功能 #### Which issue(s) this PR fixes: Fixes #2813 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 新增用户注册功能 ``` 2023-03-30 09:44:15 +00:00
refactor: logic of user login (halo-dev/console#636) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 优化用户登录的逻辑。适配：https://github.com/halo-dev/halo/pull/2528 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/2506 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 优化用户登录的逻辑 ``` 2022-10-11 09:00:14 +00:00			`export function setupAuthCheckGuard(router: Router) {`
			`router.beforeEach((to, from, next) => {`
refactor: managing logged-in user states with pinia (halo-dev/console#699) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 使用 Pinia 管理已授权用户信息，并提供判断是否是 `anonymousUser` 的方式。适配 https://github.com/halo-dev/halo/pull/2729 #### Special notes for your reviewer: /cc @halo-dev/sig-halo-console 测试流程： 1. Halo 需要切换到 https://github.com/halo-dev/halo/pull/2729 的分支。 2. 测试 Console 端的登录、退出等流程。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2022-11-23 08:39:29 +00:00			`const userStore = useUserStore();`

fix: unable to login again after using oauth providers login (#3571) #### What type of PR is this? /kind bug /area console #### What this PR does / why we need it: 修复使用非本地认证登录之后，无法重新登录的问题。此问题来源是三方登录方式登录之后没有在 localStorage 存入 `logged_in` 的 flag。并且在引入匿名用户之后，本身也不再需要这个 flag。 #### Which issue(s) this PR fixes: Fixes #3569 #### Special notes for your reviewer: 测试方式： 1. 使用 https://github.com/halo-sigs/plugin-oauth2/pull/3 插件配置 OAuth 2 的登录方式。 2. 在个人资料中绑定配置的登录方式。 3. 测试登录之后退出，再进行登录。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2023-03-23 14:52:34 +00:00			`if (userStore.isAnonymous) {`
perf: improve the experience of redirection after login (#4014) #### What type of PR is this? /area console /kind improvement /milestone 2.6.x #### What this PR does / why we need it: 优化 Console 端登录之后重定向的体验，解决在重定向时会重新显示登录页面的问题。 #### Which issue(s) this PR fixes: Fixes #4010 #### Special notes for your reviewer: 测试方式与 https://github.com/halo-dev/halo/pull/3989 相同。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2023-05-31 06:55:01 +00:00			`if (whiteList.includes(to.name as string)) {`
			`next();`
			`return;`
			`}`

feat: login page supports redirect_uri parameter (#3989) #### What type of PR is this? /area console /kind feature /milestone 2.6.x #### What this PR does / why we need it: Console 端的登录页面支持登录之后重定向到某个链接（通过 redirect_uri 参数）。支持一下链接形式： 1. 相对地址，比如 `/console#/plugins`、`/apps/app-links` 2. 绝对地址，仅限于同源地址，不支持非同源地址的重定向。 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/3982 #### Special notes for your reviewer: 测试方式： 1. 在未登录的情况下访问如 `http://127.0.0.1:8090/console#/theme` 地址，观察登录之后是否会返回到这个页面。 2. 手动在登录页面构造如 `https://127.0.0.1:8090/console#/login?redirect_uri=/` 的地址，观察登录之后是否会跳转。 #### Does this PR introduce a user-facing change? ```release-note Console 端的登录页面支持登录之后重定向到某个站内链接。 ``` 2023-05-25 14:30:18 +00:00			`next({`
			`name: "Login",`
			`query: {`
fix: redirection fails after login (#4423) #### What type of PR is this? /kind bug #### What this PR does / why we need it: 对 console 跳转链接进行编码，用于解决跳转链接中如果携带非标准字符而导致的报错 #### How to test it? 本地开发环境：重定向地址无误且进行了 uri 编码即可。生产环境：在 console 后端未登录时，前往应用市场输入网站地址进行安装，之后进行登录，查看是否能够正确跳转。 #### Which issue(s) this PR fixes: Fixes #4351 #### Does this PR introduce a user-facing change? ```release-note 对 console 重定向链接进行编码 ``` 2023-08-15 09:00:13 +00:00			`redirect_uri: encodeURIComponent(window.location.href),`
feat: login page supports redirect_uri parameter (#3989) #### What type of PR is this? /area console /kind feature /milestone 2.6.x #### What this PR does / why we need it: Console 端的登录页面支持登录之后重定向到某个链接（通过 redirect_uri 参数）。支持一下链接形式： 1. 相对地址，比如 `/console#/plugins`、`/apps/app-links` 2. 绝对地址，仅限于同源地址，不支持非同源地址的重定向。 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/3982 #### Special notes for your reviewer: 测试方式： 1. 在未登录的情况下访问如 `http://127.0.0.1:8090/console#/theme` 地址，观察登录之后是否会返回到这个页面。 2. 手动在登录页面构造如 `https://127.0.0.1:8090/console#/login?redirect_uri=/` 的地址，观察登录之后是否会跳转。 #### Does this PR introduce a user-facing change? ```release-note Console 端的登录页面支持登录之后重定向到某个站内链接。 ``` 2023-05-25 14:30:18 +00:00			`},`
			`});`
refactor: logic of user login (halo-dev/console#636) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 优化用户登录的逻辑。适配：https://github.com/halo-dev/halo/pull/2528 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/2506 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 优化用户登录的逻辑 ``` 2022-10-11 09:00:14 +00:00			`return;`
perf: improve the experience of redirection after login (#4014) #### What type of PR is this? /area console /kind improvement /milestone 2.6.x #### What this PR does / why we need it: 优化 Console 端登录之后重定向的体验，解决在重定向时会重新显示登录页面的问题。 #### Which issue(s) this PR fixes: Fixes #4010 #### Special notes for your reviewer: 测试方式与 https://github.com/halo-dev/halo/pull/3989 相同。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2023-05-31 06:55:01 +00:00			`} else {`
			`if (to.name === "Login") {`
			`if (to.query.redirect_uri) {`
			`next({`
			`name: "Redirect",`
			`query: {`
			`redirect_uri: to.query.redirect_uri,`
			`},`
			`});`
			`return;`
			`}`
feat: support for configuring the redirection location after login for roles (#4918) #### What type of PR is this? /area console /kind feature /milestone 2.11.x #### What this PR does / why we need it: 支持为自定义的角色配置登录之后默认跳转位置。 #### Special notes for your reviewer: 1. 创建一个新的角色，设置跳转位置。 2. 为一个用户赋予这个角色。 3. 测试登录之后是否正常跳转到设置的位置。 #### Does this PR introduce a user-facing change? ```release-note 支持为自定义的角色配置登录之后默认跳转位置。 ``` 2023-11-27 14:10:09 +00:00
			`const roleHasRedirectOnLogin = userStore.currentRoles?.find(`
			`(role) =>`
			`role.metadata.annotations?.[rbacAnnotations.REDIRECT_ON_LOGIN]`
			`);`

			`if (roleHasRedirectOnLogin) {`
			`window.location.href =`
			`roleHasRedirectOnLogin.metadata.annotations?.[`
			`rbacAnnotations.REDIRECT_ON_LOGIN`
feat: add disallow access console option for custom role (#4958) #### What type of PR is this? /area console /kind feature /milestone 2.11.x #### What this PR does / why we need it: 支持为自定义角色配置禁止访问 Console 的选项。 #### Special notes for your reviewer: 测试方式： 1. 创建一个新角色，勾选禁止访问 Console 的选项，并赋予给某个用户。 2. 登录之后，尝试访问 /console 观察是否能够正常访问。 3. 检查个人中心左下角是否有进入 Console 的按钮。 4. 测试其他未设置这个选项的角色是否正常。 #### Does this PR introduce a user-facing change? ```release-note 支持为自定义角色配置禁止访问 Console 的选项。 ``` 2023-12-01 02:38:09 +00:00			`] \|\| "/uc";`
feat: support for configuring the redirection location after login for roles (#4918) #### What type of PR is this? /area console /kind feature /milestone 2.11.x #### What this PR does / why we need it: 支持为自定义的角色配置登录之后默认跳转位置。 #### Special notes for your reviewer: 1. 创建一个新的角色，设置跳转位置。 2. 为一个用户赋予这个角色。 3. 测试登录之后是否正常跳转到设置的位置。 #### Does this PR introduce a user-facing change? ```release-note 支持为自定义的角色配置登录之后默认跳转位置。 ``` 2023-11-27 14:10:09 +00:00			`return;`
			`}`

			`next({`
			`name: "Dashboard",`
			`});`
			`return;`
perf: improve the experience of redirection after login (#4014) #### What type of PR is this? /area console /kind improvement /milestone 2.6.x #### What this PR does / why we need it: 优化 Console 端登录之后重定向的体验，解决在重定向时会重新显示登录页面的问题。 #### Which issue(s) this PR fixes: Fixes #4010 #### Special notes for your reviewer: 测试方式与 https://github.com/halo-dev/halo/pull/3989 相同。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2023-05-31 06:55:01 +00:00			`}`
feat: add disallow access console option for custom role (#4958) #### What type of PR is this? /area console /kind feature /milestone 2.11.x #### What this PR does / why we need it: 支持为自定义角色配置禁止访问 Console 的选项。 #### Special notes for your reviewer: 测试方式： 1. 创建一个新角色，勾选禁止访问 Console 的选项，并赋予给某个用户。 2. 登录之后，尝试访问 /console 观察是否能够正常访问。 3. 检查个人中心左下角是否有进入 Console 的按钮。 4. 测试其他未设置这个选项的角色是否正常。 #### Does this PR introduce a user-facing change? ```release-note 支持为自定义角色配置禁止访问 Console 的选项。 ``` 2023-12-01 02:38:09 +00:00
fix: wrong router navigation when redirect to /uc (#5609) #### What type of PR is this? /kind bug /area ui #### What this PR does / why we need it: 修复当角色勾选禁止访问 Console 后，redirect_uri 参数无效的问题 #### How to test it? 测试角色禁止访问 console 时，当链接中携带 redirect_uri 参数，能否正常跳转 #### Which issue(s) this PR fixes: Fixes #5417 #### Does this PR introduce a user-facing change? ```release-note 修复当角色禁止访问 Console 后，redirect_uri 参数无效的问题 ``` 2024-03-27 13:14:06 +00:00			`if (to.name && whiteList.includes(to.name as string)) {`
feat: add disallow access console option for custom role (#4958) #### What type of PR is this? /area console /kind feature /milestone 2.11.x #### What this PR does / why we need it: 支持为自定义角色配置禁止访问 Console 的选项。 #### Special notes for your reviewer: 测试方式： 1. 创建一个新角色，勾选禁止访问 Console 的选项，并赋予给某个用户。 2. 登录之后，尝试访问 /console 观察是否能够正常访问。 3. 检查个人中心左下角是否有进入 Console 的按钮。 4. 测试其他未设置这个选项的角色是否正常。 #### Does this PR introduce a user-facing change? ```release-note 支持为自定义角色配置禁止访问 Console 的选项。 ``` 2023-12-01 02:38:09 +00:00			`next();`
			`return;`
			`}`

			`// Check allow access console`
			`const { currentRoles } = userStore;`

			`const hasDisallowAccessConsoleRole = currentRoles?.some((role) => {`
			`return (`
			`role.metadata.annotations?.[`
			`rbacAnnotations.DISALLOW_ACCESS_CONSOLE`
			`] === "true"`
			`);`
			`});`

			`if (hasDisallowAccessConsoleRole) {`
			`window.location.href = "/uc";`
			`return;`
			`}`

			`next();`
			`return;`
refactor: logic of user login (halo-dev/console#636) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 优化用户登录的逻辑。适配：https://github.com/halo-dev/halo/pull/2528 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/2506 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 优化用户登录的逻辑 ``` 2022-10-11 09:00:14 +00:00			`}`
perf: improve the experience of redirection after login (#4014) #### What type of PR is this? /area console /kind improvement /milestone 2.6.x #### What this PR does / why we need it: 优化 Console 端登录之后重定向的体验，解决在重定向时会重新显示登录页面的问题。 #### Which issue(s) this PR fixes: Fixes #4010 #### Special notes for your reviewer: 测试方式与 https://github.com/halo-dev/halo/pull/3989 相同。 #### Does this PR introduce a user-facing change? ```release-note None ``` 2023-05-31 06:55:01 +00:00
refactor: logic of user login (halo-dev/console#636) #### What type of PR is this? /kind improvement /milestone 2.0 #### What this PR does / why we need it: 优化用户登录的逻辑。适配：https://github.com/halo-dev/halo/pull/2528 #### Which issue(s) this PR fixes: Fixes https://github.com/halo-dev/halo/issues/2506 #### Special notes for your reviewer: #### Does this PR introduce a user-facing change? ```release-note 优化用户登录的逻辑 ``` 2022-10-11 09:00:14 +00:00			`next();`
			`});`
			`}`