auth querying consolidation
This commit is contained in:
Michael Freno
@@ -1,17 +1,14 @@
|
||||
import { createSignal, Show, For, createEffect, ErrorBoundary } from "solid-js";
|
||||
import { PageHead } from "~/components/PageHead";
|
||||
import { redirect, query, createAsync, useNavigate } from "@solidjs/router";
|
||||
import { getEvent } from "vinxi/http";
|
||||
import { api } from "~/lib/api";
|
||||
|
||||
const checkAdmin = query(async (): Promise<boolean> => {
|
||||
"use server";
|
||||
const { getUserID } = await import("~/server/auth");
|
||||
const { env } = await import("~/env/server");
|
||||
const event = getEvent()!;
|
||||
const userId = await getUserID(event);
|
||||
const { getUserState } = await import("~/lib/auth-query");
|
||||
const userState = await getUserState();
|
||||
|
||||
if (!userId || userId !== env.ADMIN_ID) {
|
||||
if (userState.privilegeLevel !== "admin") {
|
||||
throw redirect("/");
|
||||
}
|
||||
|
||||
|
||||
@@ -2,32 +2,30 @@ import { Show, lazy } from "solid-js";
|
||||
import { query, redirect } from "@solidjs/router";
|
||||
import { PageHead } from "~/components/PageHead";
|
||||
import { createAsync } from "@solidjs/router";
|
||||
import { getEvent } from "vinxi/http";
|
||||
import { getUserState } from "~/lib/auth-query";
|
||||
import { Spinner } from "~/components/Spinner";
|
||||
import "../post.css";
|
||||
|
||||
const PostForm = lazy(() => import("~/components/blog/PostForm"));
|
||||
|
||||
const getAuthState = query(async () => {
|
||||
const checkAdminAccess = query(async () => {
|
||||
"use server";
|
||||
const { getPrivilegeLevel, getUserID } = await import("~/server/utils");
|
||||
const event = getEvent()!;
|
||||
const privilegeLevel = await getPrivilegeLevel(event);
|
||||
const userID = await getUserID(event);
|
||||
// Reuse shared auth query for consistency
|
||||
const userState = await getUserState();
|
||||
|
||||
if (privilegeLevel !== "admin") {
|
||||
if (userState.privilegeLevel !== "admin") {
|
||||
throw redirect("/401");
|
||||
}
|
||||
|
||||
return { privilegeLevel, userID };
|
||||
}, "create-post-auth");
|
||||
return { userID: userState.userId! };
|
||||
}, "create-post-admin-check");
|
||||
|
||||
export const route = {
|
||||
load: () => getAuthState()
|
||||
load: () => checkAdminAccess()
|
||||
};
|
||||
|
||||
export default function CreatePost() {
|
||||
const authState = createAsync(() => getAuthState());
|
||||
const authState = createAsync(() => checkAdminAccess());
|
||||
|
||||
return (
|
||||
<>
|
||||
|
||||
@@ -2,20 +2,17 @@ import { Show, lazy } from "solid-js";
|
||||
import { useParams, query, redirect } from "@solidjs/router";
|
||||
import { PageHead } from "~/components/PageHead";
|
||||
import { createAsync } from "@solidjs/router";
|
||||
import { getEvent } from "vinxi/http";
|
||||
import "../post.css";
|
||||
|
||||
const PostForm = lazy(() => import("~/components/blog/PostForm"));
|
||||
|
||||
const getPostForEdit = query(async (id: string) => {
|
||||
"use server";
|
||||
const { getPrivilegeLevel, getUserID, ConnectionFactory } =
|
||||
await import("~/server/utils");
|
||||
const event = getEvent()!;
|
||||
const privilegeLevel = await getPrivilegeLevel(event);
|
||||
const userID = await getUserID(event);
|
||||
const { getUserState } = await import("~/lib/auth-query");
|
||||
const { ConnectionFactory } = await import("~/server/utils");
|
||||
const userState = await getUserState();
|
||||
|
||||
if (privilegeLevel !== "admin") {
|
||||
if (userState.privilegeLevel !== "admin") {
|
||||
throw redirect("/401");
|
||||
}
|
||||
|
||||
@@ -35,7 +32,12 @@ const getPostForEdit = query(async (id: string) => {
|
||||
const post = results.rows[0];
|
||||
const tags = tagRes.rows;
|
||||
|
||||
return { post, tags, privilegeLevel, userID };
|
||||
return {
|
||||
post,
|
||||
tags,
|
||||
privilegeLevel: userState.privilegeLevel,
|
||||
userID: userState.userId
|
||||
};
|
||||
}, "post-for-edit");
|
||||
|
||||
export const route = {
|
||||
|
||||
@@ -7,7 +7,7 @@ import {
|
||||
query
|
||||
} from "@solidjs/router";
|
||||
import { PageHead } from "~/components/PageHead";
|
||||
import { revalidateUserState } from "~/components/Bars";
|
||||
import { revalidateAuth } from "~/lib/auth-query";
|
||||
import { getEvent } from "vinxi/http";
|
||||
import GoogleLogo from "~/components/icons/GoogleLogo";
|
||||
import GitHub from "~/components/icons/GitHub";
|
||||
@@ -206,7 +206,7 @@ export default function LoginPage() {
|
||||
|
||||
if (response.ok && result.result?.data?.success) {
|
||||
setShowPasswordSuccess(true);
|
||||
revalidateUserState(); // Refresh user state in sidebar
|
||||
revalidateAuth(); // Refresh auth state globally
|
||||
setTimeout(() => {
|
||||
navigate("/account", { replace: true });
|
||||
}, 500);
|
||||
|
||||
@@ -1,16 +1,13 @@
|
||||
import { createSignal, For, Show } from "solid-js";
|
||||
import { query, createAsync } from "@solidjs/router";
|
||||
import { PageHead } from "~/components/PageHead";
|
||||
import { getRequestEvent } from "solid-js/web";
|
||||
import { api } from "~/lib/api";
|
||||
import { getUserState } from "~/lib/auth-query";
|
||||
|
||||
const getAuthState = query(async () => {
|
||||
const checkAdminAccess = query(async () => {
|
||||
"use server";
|
||||
const { getPrivilegeLevel } = await import("~/server/utils");
|
||||
const event = getRequestEvent()!;
|
||||
const privilegeLevel = await getPrivilegeLevel(event.nativeEvent);
|
||||
|
||||
return { privilegeLevel };
|
||||
const userState = await getUserState();
|
||||
return { privilegeLevel: userState.privilegeLevel };
|
||||
}, "test-auth-state");
|
||||
|
||||
type EndpointTest = {
|
||||
@@ -840,7 +837,7 @@ const routerSections: RouterSection[] = [
|
||||
];
|
||||
|
||||
export default function TestPage() {
|
||||
const authState = createAsync(() => getAuthState());
|
||||
const authState = createAsync(() => checkAdminAccess());
|
||||
|
||||
const [expandedSections, setExpandedSections] = createSignal<Set<string>>(
|
||||
new Set()
|
||||
|
||||
Reference in New Issue
Block a user