mirror of https://github.com/halo-dev/halo
83 lines
1.9 KiB
TypeScript
83 lines
1.9 KiB
TypeScript
import { rbacAnnotations } from "@/constants/annotations";
|
|
import { useUserStore } from "@/stores/user";
|
|
import type { Router } from "vue-router";
|
|
|
|
const whiteList = ["Setup", "Login", "Binding", "ResetPassword", "Redirect"];
|
|
|
|
export function setupAuthCheckGuard(router: Router) {
|
|
router.beforeEach((to, from, next) => {
|
|
const userStore = useUserStore();
|
|
|
|
if (userStore.isAnonymous) {
|
|
if (whiteList.includes(to.name as string)) {
|
|
next();
|
|
return;
|
|
}
|
|
|
|
next({
|
|
name: "Login",
|
|
query: {
|
|
redirect_uri: encodeURIComponent(window.location.href),
|
|
},
|
|
});
|
|
return;
|
|
} else {
|
|
if (to.name === "Login") {
|
|
if (to.query.redirect_uri) {
|
|
next({
|
|
name: "Redirect",
|
|
query: {
|
|
redirect_uri: to.query.redirect_uri,
|
|
},
|
|
});
|
|
return;
|
|
}
|
|
|
|
const roleHasRedirectOnLogin = userStore.currentRoles?.find(
|
|
(role) =>
|
|
role.metadata.annotations?.[rbacAnnotations.REDIRECT_ON_LOGIN]
|
|
);
|
|
|
|
if (roleHasRedirectOnLogin) {
|
|
window.location.href =
|
|
roleHasRedirectOnLogin.metadata.annotations?.[
|
|
rbacAnnotations.REDIRECT_ON_LOGIN
|
|
] || "/uc";
|
|
return;
|
|
}
|
|
|
|
next({
|
|
name: "Dashboard",
|
|
});
|
|
return;
|
|
}
|
|
|
|
if (to.name && whiteList.includes(to.name as string)) {
|
|
next();
|
|
return;
|
|
}
|
|
|
|
// Check allow access console
|
|
const { currentRoles } = userStore;
|
|
|
|
const hasDisallowAccessConsoleRole = currentRoles?.some((role) => {
|
|
return (
|
|
role.metadata.annotations?.[
|
|
rbacAnnotations.DISALLOW_ACCESS_CONSOLE
|
|
] === "true"
|
|
);
|
|
});
|
|
|
|
if (hasDisallowAccessConsoleRole) {
|
|
window.location.href = "/uc";
|
|
return;
|
|
}
|
|
|
|
next();
|
|
return;
|
|
}
|
|
|
|
next();
|
|
});
|
|
}
|