Fork me on GitHub
#re-frame
<
2019-05-07
>
Bravi19:05:23

hi everyone. what’s a good way to restrict users from accessing a private route? basically if they’re not logged in, they should be redirected to login page..

Bravi19:05:41

at the moment, my routes are dispatching set-active-page action, that determines which page component to load. should I be doing this logged-in? check at events level?

lilactown19:05:01

IMO I would prefer to do this at the HTTP level, not in the app

lilactown19:05:56

ex have one "public" app that might have a login form and other things unauthorized users can access, once they've logged in they are redirected to the private route that has the "private" app

lilactown19:05:11

these can all be built in the same project, using module splitting

Bravi19:05:32

so do you mean 2 different re-frame apps?

lilactown19:05:55

essentially yes. same code base, two different apps

lilactown19:05:30

this might depend on how you're authenticating

Bravi19:05:40

at the moment it’s all SPA. So initially I land on Login page and I’m using JWT authentication and then I’m setting an access token in my local storage + re-frame db. so let’s say I have two routes - /about-us and /dashboard. If I type in http://mysite.com/dashboard and visit the page as a guest, at the moment I’m getting a partially rendered page, as there is no user info set and dashboard needs the user ID to query some stuff via graphql. so that’s what I’m trying to solve basically