chore: added clarity to the redirect functionality

interledger · Aug 22, 2024 · adbb734 · adbb734
1 parent 32fa66c
commit adbb734
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 24 deletions.
diff --git a/packages/frontend/app/lib/envConfig.server.ts b/packages/frontend/app/lib/envConfig.server.ts
@@ -9,7 +9,6 @@ const variables = {
 }
 
 if (variables.authEnabled) {
-  // Iterate over the other variables to ensure they have values
   Object.entries(variables).forEach(([key, value]) => {
     if (!value) {
       throw new Error(`Environment variable ${key} is missing`)

diff --git a/packages/frontend/app/lib/kratos_checks.server.ts b/packages/frontend/app/lib/kratos_checks.server.ts
@@ -31,35 +31,34 @@ export async function checkAuthAndRedirect(
   url: string,
   cookieHeader?: string | null
 ) {
-  const isAuthPath = new URL(url).pathname.startsWith('/auth')
-  const isSettingsPage = new URL(url).pathname.includes('/settings')
-  const isLogoutPage = new URL(url).pathname.includes('/logout')
+  const { pathname } = new URL(url)
+  const isAuthPath = pathname.startsWith('/auth')
+  const isSettingsPage = pathname.includes('/settings')
+  const isLogoutPage = pathname.includes('/logout')
 
-  if (isAuthPath) {
-    if (!variables.authEnabled) {
+  if (!variables.authEnabled) {
+    // If auth is disabled users shouldn't accesses the auth path or Kratos settings pages
+    if (isAuthPath || isSettingsPage) {
       throw redirect('/')
     } else {
-      const loggedIn = await isLoggedIn(cookieHeader)
-      if (loggedIn) {
-        if(isLogoutPage) {
-          return
-        }
-        throw redirect('/')
-      }
       return
     }
+  }
+
+  // auth is enabled
+  const loggedIn = await isLoggedIn(cookieHeader)
+
+  // Logged-in users can access all pages except auth pages, with the exception of the manual logout page
+  if (loggedIn) {
+    if (isAuthPath && !isLogoutPage) {
+      throw redirect('/')
+    }
+    return
   } else {
-    if (!variables.authEnabled) {
-      if (isSettingsPage) {
-        throw redirect('/')
-      }
-      return
-    } else {
-      const loggedIn = await isLoggedIn(cookieHeader)
-      if (!loggedIn) {
-        throw redirect('/auth')
-      }
-      return
+    // Unauthenticated users can only access auth path pages
+    if (!isAuthPath) {
+      throw redirect('/auth')
     }
+    return
   }
 }