Extracted the authentication portion of the authenticated middleware into a navigation guard #11186
Conversation
codyrancher
force-pushed
the
beforeeach-auth
branch
7 times, most recently
from
d962f93 to
a043615
Compare
…into a navigation guard
codyrancher
force-pushed
the
beforeeach-auth
branch
from
a043615 to
b81a1f8
Compare
codyrancher
changed the title
| export const routeRequiresAuthentication = (to) => { | ||
| return routeMatched(to, (matched) => matched.meta?.requiresAuthentication); |
There was a problem hiding this comment.
I decided to update this to use metadata instead of names so that we don't have to maintain a separate list of authenticated pages.
The vue3 router docs also have this exact example for authentication: https://v3.router.vuejs.org/guide/advanced/meta.html#route-meta-fields so it should migrate better.
There was a problem hiding this comment.
I like this approach, it's straightforward and the idiomatic way to handle authentication in vue router.
| @@ -297,9 +297,9 @@ export function notLoggedIn(store, redirect, route) { | |||
| store.commit('auth/hasAuth', true); | |||
|
|
|||
| if ( route.name === 'index' ) { | |||
| return redirect(302, '/auth/login'); | |||
| return redirect('/auth/login'); | |||
There was a problem hiding this comment.
navigation guard next() doesn't support passing a status.
| @@ -17,52 +15,7 @@ export default async function({ | |||
| route, store, redirect, from, $plugin, next | |||
| }) { | |||
| if ( store.getters['auth/enabled'] !== false && !store.getters['auth/loggedIn'] ) { | |||
There was a problem hiding this comment.
This is still necessary because we don't always proceed any further in the middleware depending on whether the user was authenticated or not.
| if (from?.name !== to?.name) { | ||
| updatePageTitle(getVendor()); | ||
| } |
There was a problem hiding this comment.
When investigating a flaky test I noticed that the page title was flickering on pages where the query or hash in the url was updated (due to tabs for instance)
There was a problem hiding this comment.
Could the flashing behavior also have anything to do with the TabTitle (shell/components/TabTitle.vue) component?
| export const routeRequiresAuthentication = (to) => { | ||
| return routeMatched(to, (matched) => matched.meta?.requiresAuthentication); |
There was a problem hiding this comment.
I like this approach, it's straightforward and the idiomatic way to handle authentication in vue router.
| if (from?.name !== to?.name) { | ||
| updatePageTitle(getVendor()); | ||
| } |
There was a problem hiding this comment.
Could the flashing behavior also have anything to do with the TabTitle (shell/components/TabTitle.vue) component?
| } | ||
| } | ||
|
|
||
| store.dispatch('gcStartIntervals'); |
There was a problem hiding this comment.
How is gcStartIntervals related to authentication?
There was a problem hiding this comment.
It's really not. But it's not related to setting product either and I was going to move it into one of the two lol.
Would you like to put it into a separate navigation guard? I think we can preserve order and timing that way
There was a problem hiding this comment.
Would you like to put it into a separate navigation guard? I think we can preserve order and timing that way
Perhaps.. I might also be fine with a comment that explains why we need to start garbage collection intervals at the end of the authentication guard.
If we were to separate this into a new guard, what do we think would happen to this gc action that we also dispatch in the authenticated middleware, would these two end up in closer proximity to each other?
dashboard/shell/middleware/authenticated.js
Lines 76 to 77 in 256ecff
There was a problem hiding this comment.
@codyrancher and I synced on this out of band. It looks like there's quite a bit of behavior in the authenticated middleware that isn't related to authentication. We will follow up with an issue to address the garbage collection in the future.
There was a problem hiding this comment.
Created an issue to track per our conversation #11205
So it can cause flashing if the content changes but there isn't much we can do about that besides debouncing. This was constantly resetting it back to 'Rancher' as the url was modified even if the route hadn't actually changed. |
Summary
Extracted the authentication portion of the authenticated middleware into a navigation guard
Technical notes summary
This is the closest analogue for getting authentication to be executed at the same point in time it was when it was in middleware.
I did verify this works for both local and github authentication providers.
Areas or cases that should be tested
All authenticated area
Areas which could experience regressions
All authenticated area
Checklist