Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrading to 3.1 best practices. #2275

Open
arenoir opened this issue Feb 19, 2021 · 4 comments
Open

Upgrading to 3.1 best practices. #2275

arenoir opened this issue Feb 19, 2021 · 4 comments

Comments

@arenoir
Copy link

arenoir commented Feb 19, 2021

I am upgrading from 3.0 to 3.1 and it appears that the preferred method to authenticate routes is to nest the routes under an authenticated parent route.

So in order to do this migration I would have to move all my routes, controllers, templates and rename all transition to functions.

I wouldn't have a problem with this but in this case all routes are authenticated except for one login page.

It seems like there should be a way to use the applications route beforeModel hook to do the authentication and skip it only on the login route.

I was hoping the following would work but it is buggy. It works on page load but if you transition to a route after after the application has loaded it is not requiring authentication.

// routes/application.js
export default class ApplicationRoute extends Route {
  @service session;

  beforeModel(transition) {    
    if (transition.targetName !== 'login') {
      this.session.requireAuthentication(transition, 'login');
    }
  } 
}
// routes/login.js
export default class LoginRoute extends Route {
  @service session;

  beforeModel(transition) {    
    this.session.prohibitAuthentication('index');
  } 
}

Is there any other way to pull this off without reworking my whole application?

Thanks for taking the time to look at this.

~ aaron
@alejandrodevs
Copy link

alejandrodevs commented Feb 20, 2021
edited
Loading

A good practice is to wrapper authenticated routes:

Router.map(function() {
  this.route('login');

  this.route('authenticated', { path: '/' }, function() {
    // your authenticated routes.
  });
});

If you can not do that, your approach should work.

I was hoping the following would work but it is buggy. It works on page load but if you transition to a route after after the application has loaded it is not requiring authentication.

That is the expected behavior. The requireAuthentication is not called every transition, it is just called on page load. If for some reason your session expires in your backend, it should return a 401 error code and you can handle that in your adapter.

@arenoir
Copy link
Author

arenoir commented Feb 22, 2021

@alejandrodevs the backed does return a 401 and the ember-simple-auth used to handle the error using the application route mixin.

Should this error be handled in the application route or the data adapter?

@alejandrodevs
Copy link

alejandrodevs commented Feb 22, 2021
edited
Loading

Ember simple auth handles 401 in the DataAdapterMixin which is not longer recommended because Mixins deprecation. Now you can remove completely the mixin and add this to your application adapter:

  handleResponse(status, ...manyMoreArgs) {
    if (status === 401) this.session.invalidate();
    return super.handleResponse(...arguments);
  }

@arenoir
Copy link
Author

arenoir commented Feb 22, 2021

@alejandrodevs thank you. This should be added to the readme.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@arenoir @alejandrodevs