kocoded/Nachhilfesystem24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Wrap Posts route with a private set

Browse Source
This commit is contained in:
Konstantin Hintermayer 2024-10-04 09:51:20 +02:00
parent 1a12ed6c9c
commit 5251a637de
2 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
api/src/functions/auth.ts
View File

@ -6,6 +6,20 @@ import type { DbAuthHandlerOptions, UserType } from '@redwoodjs/auth-dbauth-api'
import { cookieName } from 'src/lib/auth' import { cookieName } from 'src/lib/auth'
import { db } from 'src/lib/db' import { db } from 'src/lib/db'
export const cookie = {
attributes: {
HttpOnly: true,
Path: '/',
SameSite: 'Strict',
Secure: process.env.NODE_ENV !== 'development',
// If you need to allow other domains (besides the api side) access to
// the dbAuth session cookie:
// Domain: 'example.com',
},
name: cookieName,
}
export const handler = async ( export const handler = async (
event: APIGatewayProxyEvent, event: APIGatewayProxyEvent,
context: Context context: Context
@ -183,19 +197,7 @@ export const handler = async (
// Specifies attributes on the cookie that dbAuth sets in order to remember // Specifies attributes on the cookie that dbAuth sets in order to remember
// who is logged in. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies // who is logged in. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies
cookie: { cookie,
attributes: {
HttpOnly: true,
Path: '/',
SameSite: 'Strict',
Secure: process.env.NODE_ENV !== 'development',
// If you need to allow other domains (besides the api side) access to
// the dbAuth session cookie:
// Domain: 'example.com',
},
name: cookieName,
},
forgotPassword: forgotPasswordOptions, forgotPassword: forgotPasswordOptions,
login: loginOptions, login: loginOptions,

2
web/src/Routes.tsx
View File

@ -16,12 +16,14 @@ import { useAuth } from './auth'
const Routes = () => { const Routes = () => {
return ( return (
<Router useAuth={useAuth}> <Router useAuth={useAuth}>
<PrivateSet unauthenticated="home">
<Set wrap={ScaffoldLayout} title="Posts" titleTo="posts" buttonLabel="New Post" buttonTo="newPost"> <Set wrap={ScaffoldLayout} title="Posts" titleTo="posts" buttonLabel="New Post" buttonTo="newPost">
<Route path="/admin/posts/new" page={PostNewPostPage} name="newPost" /> <Route path="/admin/posts/new" page={PostNewPostPage} name="newPost" />
<Route path="/admin/posts/{id:Int}/edit" page={PostEditPostPage} name="editPost" /> <Route path="/admin/posts/{id:Int}/edit" page={PostEditPostPage} name="editPost" />
<Route path="/admin/posts/{id:Int}" page={PostPostPage} name="post" /> <Route path="/admin/posts/{id:Int}" page={PostPostPage} name="post" />
<Route path="/admin/posts" page={PostPostsPage} name="posts" /> <Route path="/admin/posts" page={PostPostsPage} name="posts" />
</Set> </Set>
</PrivateSet>
<Route path="/login" page={LoginPage} name="login" /> <Route path="/login" page={LoginPage} name="login" />
<Route path="/signup" page={SignupPage} name="signup" /> <Route path="/signup" page={SignupPage} name="signup" />
<Route path="/forgot-password" page={ForgotPasswordPage} name="forgotPassword" /> <Route path="/forgot-password" page={ForgotPasswordPage} name="forgotPassword" />