astro-sessionkit 0.1.21 → 0.1.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/guardMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAsE7C,wBAAgB,qBAAqB,IAAI,iBAAiB,
|
|
1
|
+
{"version":3,"file":"guardMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/guardMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAsE7C,wBAAgB,qBAAqB,IAAI,iBAAiB,CAgGzD"}
|
|
@@ -83,6 +83,12 @@ function createGuardMiddleware() {
|
|
|
83
83
|
return next();
|
|
84
84
|
}
|
|
85
85
|
if (pathname === loginPath) {
|
|
86
|
+
if (session && isValidSessionStructure(session)) {
|
|
87
|
+
if (debug$1) {
|
|
88
|
+
debug(`[GlobalProtect] Redirecting ${pathname} to / because session is already present`);
|
|
89
|
+
}
|
|
90
|
+
return context.redirect('/');
|
|
91
|
+
}
|
|
86
92
|
if (debug$1) {
|
|
87
93
|
debug(`[GlobalProtect] Skipping ${pathname} because it is the loginPath`);
|
|
88
94
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardMiddleware.js","sources":["../../src/core/guardMiddleware.ts"],"sourcesContent":["// ============================================================================\n// Route Guard Middleware - Enforces protection rules\n// ============================================================================\n\nimport type {MiddlewareHandler} from \"astro\";\nimport { getContextStore } from \"./context\";\nimport { getConfig } from \"./config\";\nimport { matchesPattern } from \"./matcher\";\nimport type { ProtectionRule, Session } from \"./types\";\nimport { isValidSessionStructure } from \"./validation\";\nimport * as logger from \"./logger\";\n\n/**\n * Check if session satisfies a protection rule\n */\nasync function checkRule(rule: ProtectionRule, session: Session | null): Promise<boolean> {\n const { access } = getConfig();\n\n // Custom check overrides everything\n if (access.check) {\n try {\n return await access.check(rule, session);\n } catch (error) {\n logger.error('Error in custom access check hook:', error);\n return false;\n }\n }\n\n // Custom allow function\n if (\"allow\" in rule) {\n try {\n return await rule.allow(session);\n } catch (error) {\n logger.error('Error in custom rule allow function:', error);\n return false;\n }\n }\n\n // Must be authenticated and have a valid session structure for all other checks\n if (!session || !isValidSessionStructure(session)) {\n return false;\n }\n\n // Single role check\n if (\"role\" in rule) {\n const userRole = access.getRole(session);\n return userRole === rule.role;\n }\n\n // Multiple roles check (user must have ONE of these)\n if (\"roles\" in rule) {\n const userRole = access.getRole(session);\n return userRole !== null && rule.roles.includes(userRole);\n }\n\n // Single permission check\n if (\"permission\" in rule) {\n const userPermissions = access.getPermissions(session);\n return userPermissions.includes(rule.permission);\n }\n\n // Multiple permissions check (user must have ALL of these)\n if (\"permissions\" in rule) {\n const userPermissions = access.getPermissions(session);\n return rule.permissions.every((p) => userPermissions.includes(p));\n }\n\n // No specific rule matched - allow by default\n return true;\n}\n\n/**\n * Create route guard middleware\n */\nexport function createGuardMiddleware(): MiddlewareHandler {\n return async (context, next) => {\n let pathname: string;\n try {\n pathname = new URL(context.request.url).pathname;\n } catch {\n pathname = \"/\";\n }\n\n const config = getConfig();\n const {protect, loginPath, globalProtect, exclude, debug} = config;\n\n if (debug) {\n logger.debug(`[Guard] Pathname: ${pathname}, GlobalProtect: ${globalProtect}, Rules: ${protect.length}`);\n }\n\n // No rules configured and no global protect - skip\n if (protect.length === 0 && !globalProtect) {\n if (debug) {\n logger.debug(`[Guard] Skipping ${pathname} because no rules are configured and globalProtect is false`);\n }\n return next();\n }\n\n const sessionContext = getContextStore();\n const session = sessionContext?.session ?? null;\n\n if (debug) {\n logger.debug(`[Guard] Session retrieved from store: ${session ? 'exists' : 'null'}`);\n }\n\n // Find matching rule\n const rule = protect.find((r) => matchesPattern(r.pattern, pathname));\n\n if (rule && debug) {\n logger.debug(`[Guard] Found matching rule for ${pathname}:`, rule);\n }\n\n // No matching rule - check global protection\n if (!rule) {\n if (globalProtect) {\n // Skip if path is in exclude list\n if (exclude.some((pattern) => matchesPattern(pattern, pathname))) {\n if (debug) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it matches an exclude pattern`);\n }\n return next();\n }\n\n // Skip if it's the login page itself (to avoid redirect loops)\n if (pathname === loginPath) {\n if (debug) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it is the loginPath`);\n }\n return next();\n }\n\n // Require valid session\n if (!session || !isValidSessionStructure(session)) {\n if (debug) {\n logger.debug(`[GlobalProtect] Redirecting to ${loginPath} because session is ${session ? 'invalid' : 'missing'}`);\n }\n return context.redirect(loginPath);\n }\n }\n\n if (debug) {\n logger.debug(`[GlobalProtect] Allowing ${pathname} because session is valid or globalProtect is false`);\n }\n return next();\n }\n\n // Check if access is allowed\n const allowed = await checkRule(rule, session);\n\n if (!allowed) {\n const redirectTo = rule.redirectTo ?? loginPath;\n if (debug) {\n logger.debug(`[Guard] Redirecting to ${redirectTo} because access was denied by rule:`, rule);\n }\n return context.redirect(redirectTo);\n }\n\n if (debug) {\n logger.debug(`[Guard] Allowing ${pathname} because access was granted by rule:`, rule);\n }\n return next();\n };\n}\n"],"names":["error","logger.error","debug","logger.debug"],"mappings":";;;;;;AAeA,eAAe,SAAS,CAAC,IAAoB,EAAE,OAAuB,EAAA;AACpE,IAAA,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE;AAG9B,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE;AAChB,QAAA,IAAI;YACF,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,CAAC;QAC1C;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,oCAAoC,EAAED,OAAK,CAAC;AACzD,YAAA,OAAO,KAAK;QACd;IACF;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;AACnB,QAAA,IAAI;AACF,YAAA,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAClC;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,sCAAsC,EAAED,OAAK,CAAC;AAC3D,YAAA,OAAO,KAAK;QACd;IACF;IAGA,IAAI,CAAC,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE;AACjD,QAAA,OAAO,KAAK;IACd;AAGA,IAAA,IAAI,MAAM,IAAI,IAAI,EAAE;QAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,CAAC,IAAI;IAC/B;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;QACnB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAC3D;AAGA,IAAA,IAAI,YAAY,IAAI,IAAI,EAAE;QACxB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;QACtD,OAAO,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;IAClD;AAGA,IAAA,IAAI,aAAa,IAAI,IAAI,EAAE;QACzB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;AACtD,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnE;AAGA,IAAA,OAAO,IAAI;AACb;SAKgB,qBAAqB,GAAA;AACnC,IAAA,OAAO,OAAO,OAAO,EAAE,IAAI,KAAI;AAC7B,QAAA,IAAI,QAAgB;AACpB,QAAA,IAAI;AACA,YAAA,QAAQ,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ;QACpD;AAAE,QAAA,MAAM;YACJ,QAAQ,GAAG,GAAG;QAClB;AAEA,QAAA,MAAM,MAAM,GAAG,SAAS,EAAE;AAC1B,QAAA,MAAM,EAAC,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,OAAO,SAAEE,OAAK,EAAC,GAAG,MAAM;QAElE,IAAIA,OAAK,EAAE;AACP,YAAAC,KAAY,CAAC,CAAA,kBAAA,EAAqB,QAAQ,CAAA,iBAAA,EAAoB,aAAa,CAAA,SAAA,EAAY,OAAO,CAAC,MAAM,CAAA,CAAE,CAAC;QAC5G;QAGA,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE;YACxC,IAAID,OAAK,EAAE;AACP,gBAAAC,KAAY,CAAC,oBAAoB,QAAQ,CAAA,2DAAA,CAA6D,CAAC;YAC3G;YACA,OAAO,IAAI,EAAE;QACjB;AAEA,QAAA,MAAM,cAAc,GAAG,eAAe,EAAE;AACxC,QAAA,MAAM,OAAO,GAAG,cAAc,EAAE,OAAO,IAAI,IAAI;QAE/C,IAAID,OAAK,EAAE;AACP,YAAAC,KAAY,CAAC,CAAA,sCAAA,EAAyC,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAA,CAAE,CAAC;QACxF;QAGA,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,cAAc,CAAC,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AAErE,QAAA,IAAI,IAAI,IAAID,OAAK,EAAE;YACfC,KAAY,CAAC,CAAA,gCAAA,EAAmC,QAAQ,CAAA,CAAA,CAAG,EAAE,IAAI,CAAC;QACtE;QAGA,IAAI,CAAC,IAAI,EAAE;YACP,IAAI,aAAa,EAAE;AAEf,gBAAA,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,KAAK,cAAc,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE;oBAC9D,IAAID,OAAK,EAAE;AACP,wBAAAC,KAAY,CAAC,4BAA4B,QAAQ,CAAA,sCAAA,CAAwC,CAAC;oBAC9F;oBACA,OAAO,IAAI,EAAE;gBACjB;AAGA,gBAAA,IAAI,QAAQ,KAAK,SAAS,EAAE;
|
|
1
|
+
{"version":3,"file":"guardMiddleware.js","sources":["../../src/core/guardMiddleware.ts"],"sourcesContent":["// ============================================================================\n// Route Guard Middleware - Enforces protection rules\n// ============================================================================\n\nimport type {MiddlewareHandler} from \"astro\";\nimport { getContextStore } from \"./context\";\nimport { getConfig } from \"./config\";\nimport { matchesPattern } from \"./matcher\";\nimport type { ProtectionRule, Session } from \"./types\";\nimport { isValidSessionStructure } from \"./validation\";\nimport * as logger from \"./logger\";\n\n/**\n * Check if session satisfies a protection rule\n */\nasync function checkRule(rule: ProtectionRule, session: Session | null): Promise<boolean> {\n const { access } = getConfig();\n\n // Custom check overrides everything\n if (access.check) {\n try {\n return await access.check(rule, session);\n } catch (error) {\n logger.error('Error in custom access check hook:', error);\n return false;\n }\n }\n\n // Custom allow function\n if (\"allow\" in rule) {\n try {\n return await rule.allow(session);\n } catch (error) {\n logger.error('Error in custom rule allow function:', error);\n return false;\n }\n }\n\n // Must be authenticated and have a valid session structure for all other checks\n if (!session || !isValidSessionStructure(session)) {\n return false;\n }\n\n // Single role check\n if (\"role\" in rule) {\n const userRole = access.getRole(session);\n return userRole === rule.role;\n }\n\n // Multiple roles check (user must have ONE of these)\n if (\"roles\" in rule) {\n const userRole = access.getRole(session);\n return userRole !== null && rule.roles.includes(userRole);\n }\n\n // Single permission check\n if (\"permission\" in rule) {\n const userPermissions = access.getPermissions(session);\n return userPermissions.includes(rule.permission);\n }\n\n // Multiple permissions check (user must have ALL of these)\n if (\"permissions\" in rule) {\n const userPermissions = access.getPermissions(session);\n return rule.permissions.every((p) => userPermissions.includes(p));\n }\n\n // No specific rule matched - allow by default\n return true;\n}\n\n/**\n * Create route guard middleware\n */\nexport function createGuardMiddleware(): MiddlewareHandler {\n return async (context, next) => {\n let pathname: string;\n try {\n pathname = new URL(context.request.url).pathname;\n } catch {\n pathname = \"/\";\n }\n\n const config = getConfig();\n const {protect, loginPath, globalProtect, exclude, debug} = config;\n\n if (debug) {\n logger.debug(`[Guard] Pathname: ${pathname}, GlobalProtect: ${globalProtect}, Rules: ${protect.length}`);\n }\n\n // No rules configured and no global protect - skip\n if (protect.length === 0 && !globalProtect) {\n if (debug) {\n logger.debug(`[Guard] Skipping ${pathname} because no rules are configured and globalProtect is false`);\n }\n return next();\n }\n\n const sessionContext = getContextStore();\n const session = sessionContext?.session ?? null;\n\n if (debug) {\n logger.debug(`[Guard] Session retrieved from store: ${session ? 'exists' : 'null'}`);\n }\n\n // Find matching rule\n const rule = protect.find((r) => matchesPattern(r.pattern, pathname));\n\n if (rule && debug) {\n logger.debug(`[Guard] Found matching rule for ${pathname}:`, rule);\n }\n\n // No matching rule - check global protection\n if (!rule) {\n if (globalProtect) {\n // Skip if path is in exclude list\n if (exclude.some((pattern) => matchesPattern(pattern, pathname))) {\n if (debug) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it matches an exclude pattern`);\n }\n return next();\n }\n\n // Skip if it's the login page itself (to avoid redirect loops)\n if (pathname === loginPath) {\n // NEW: If session is already present, redirect to home (/)\n if (session && isValidSessionStructure(session)) {\n if (debug) {\n logger.debug(`[GlobalProtect] Redirecting ${pathname} to / because session is already present`);\n }\n return context.redirect('/');\n }\n\n if (debug) {\n logger.debug(`[GlobalProtect] Skipping ${pathname} because it is the loginPath`);\n }\n return next();\n }\n\n // Require valid session\n if (!session || !isValidSessionStructure(session)) {\n if (debug) {\n logger.debug(`[GlobalProtect] Redirecting to ${loginPath} because session is ${session ? 'invalid' : 'missing'}`);\n }\n return context.redirect(loginPath);\n }\n }\n\n if (debug) {\n logger.debug(`[GlobalProtect] Allowing ${pathname} because session is valid or globalProtect is false`);\n }\n return next();\n }\n\n // Check if access is allowed\n const allowed = await checkRule(rule, session);\n\n if (!allowed) {\n const redirectTo = rule.redirectTo ?? loginPath;\n if (debug) {\n logger.debug(`[Guard] Redirecting to ${redirectTo} because access was denied by rule:`, rule);\n }\n return context.redirect(redirectTo);\n }\n\n if (debug) {\n logger.debug(`[Guard] Allowing ${pathname} because access was granted by rule:`, rule);\n }\n return next();\n };\n}\n"],"names":["error","logger.error","debug","logger.debug"],"mappings":";;;;;;AAeA,eAAe,SAAS,CAAC,IAAoB,EAAE,OAAuB,EAAA;AACpE,IAAA,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE;AAG9B,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE;AAChB,QAAA,IAAI;YACF,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,CAAC;QAC1C;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,oCAAoC,EAAED,OAAK,CAAC;AACzD,YAAA,OAAO,KAAK;QACd;IACF;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;AACnB,QAAA,IAAI;AACF,YAAA,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAClC;QAAE,OAAOA,OAAK,EAAE;AACd,YAAAC,KAAY,CAAC,sCAAsC,EAAED,OAAK,CAAC;AAC3D,YAAA,OAAO,KAAK;QACd;IACF;IAGA,IAAI,CAAC,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE;AACjD,QAAA,OAAO,KAAK;IACd;AAGA,IAAA,IAAI,MAAM,IAAI,IAAI,EAAE;QAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,CAAC,IAAI;IAC/B;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;QACnB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAC3D;AAGA,IAAA,IAAI,YAAY,IAAI,IAAI,EAAE;QACxB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;QACtD,OAAO,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;IAClD;AAGA,IAAA,IAAI,aAAa,IAAI,IAAI,EAAE;QACzB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;AACtD,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnE;AAGA,IAAA,OAAO,IAAI;AACb;SAKgB,qBAAqB,GAAA;AACnC,IAAA,OAAO,OAAO,OAAO,EAAE,IAAI,KAAI;AAC7B,QAAA,IAAI,QAAgB;AACpB,QAAA,IAAI;AACA,YAAA,QAAQ,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ;QACpD;AAAE,QAAA,MAAM;YACJ,QAAQ,GAAG,GAAG;QAClB;AAEA,QAAA,MAAM,MAAM,GAAG,SAAS,EAAE;AAC1B,QAAA,MAAM,EAAC,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,OAAO,SAAEE,OAAK,EAAC,GAAG,MAAM;QAElE,IAAIA,OAAK,EAAE;AACP,YAAAC,KAAY,CAAC,CAAA,kBAAA,EAAqB,QAAQ,CAAA,iBAAA,EAAoB,aAAa,CAAA,SAAA,EAAY,OAAO,CAAC,MAAM,CAAA,CAAE,CAAC;QAC5G;QAGA,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE;YACxC,IAAID,OAAK,EAAE;AACP,gBAAAC,KAAY,CAAC,oBAAoB,QAAQ,CAAA,2DAAA,CAA6D,CAAC;YAC3G;YACA,OAAO,IAAI,EAAE;QACjB;AAEA,QAAA,MAAM,cAAc,GAAG,eAAe,EAAE;AACxC,QAAA,MAAM,OAAO,GAAG,cAAc,EAAE,OAAO,IAAI,IAAI;QAE/C,IAAID,OAAK,EAAE;AACP,YAAAC,KAAY,CAAC,CAAA,sCAAA,EAAyC,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAA,CAAE,CAAC;QACxF;QAGA,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,cAAc,CAAC,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AAErE,QAAA,IAAI,IAAI,IAAID,OAAK,EAAE;YACfC,KAAY,CAAC,CAAA,gCAAA,EAAmC,QAAQ,CAAA,CAAA,CAAG,EAAE,IAAI,CAAC;QACtE;QAGA,IAAI,CAAC,IAAI,EAAE;YACP,IAAI,aAAa,EAAE;AAEf,gBAAA,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,KAAK,cAAc,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE;oBAC9D,IAAID,OAAK,EAAE;AACP,wBAAAC,KAAY,CAAC,4BAA4B,QAAQ,CAAA,sCAAA,CAAwC,CAAC;oBAC9F;oBACA,OAAO,IAAI,EAAE;gBACjB;AAGA,gBAAA,IAAI,QAAQ,KAAK,SAAS,EAAE;AAExB,oBAAA,IAAI,OAAO,IAAI,uBAAuB,CAAC,OAAO,CAAC,EAAE;wBAC7C,IAAID,OAAK,EAAE;AACP,4BAAAC,KAAY,CAAC,+BAA+B,QAAQ,CAAA,wCAAA,CAA0C,CAAC;wBACnG;AACA,wBAAA,OAAO,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;oBAChC;oBAEA,IAAID,OAAK,EAAE;AACP,wBAAAC,KAAY,CAAC,4BAA4B,QAAQ,CAAA,4BAAA,CAA8B,CAAC;oBACpF;oBACA,OAAO,IAAI,EAAE;gBACjB;gBAGA,IAAI,CAAC,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE;oBAC/C,IAAID,OAAK,EAAE;AACP,wBAAAC,KAAY,CAAC,CAAA,+BAAA,EAAkC,SAAS,uBAAuB,OAAO,GAAG,SAAS,GAAG,SAAS,CAAA,CAAE,CAAC;oBACrH;AACA,oBAAA,OAAO,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACtC;YACJ;YAEA,IAAID,OAAK,EAAE;AACP,gBAAAC,KAAY,CAAC,4BAA4B,QAAQ,CAAA,mDAAA,CAAqD,CAAC;YAC3G;YACA,OAAO,IAAI,EAAE;QACjB;QAGA,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC;QAE9C,IAAI,CAAC,OAAO,EAAE;AACV,YAAA,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,SAAS;YAC/C,IAAID,OAAK,EAAE;gBACPC,KAAY,CAAC,CAAA,uBAAA,EAA0B,UAAU,CAAA,mCAAA,CAAqC,EAAE,IAAI,CAAC;YACjG;AACA,YAAA,OAAO,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;QACvC;QAEA,IAAID,OAAK,EAAE;YACPC,KAAY,CAAC,CAAA,iBAAA,EAAoB,QAAQ,CAAA,oCAAA,CAAsC,EAAE,IAAI,CAAC;QAC1F;QACA,OAAO,IAAI,EAAE;AACf,IAAA,CAAC;AACH;;;;"}
|
package/package.json
CHANGED
|
@@ -123,6 +123,14 @@ export function createGuardMiddleware(): MiddlewareHandler {
|
|
|
123
123
|
|
|
124
124
|
// Skip if it's the login page itself (to avoid redirect loops)
|
|
125
125
|
if (pathname === loginPath) {
|
|
126
|
+
// NEW: If session is already present, redirect to home (/)
|
|
127
|
+
if (session && isValidSessionStructure(session)) {
|
|
128
|
+
if (debug) {
|
|
129
|
+
logger.debug(`[GlobalProtect] Redirecting ${pathname} to / because session is already present`);
|
|
130
|
+
}
|
|
131
|
+
return context.redirect('/');
|
|
132
|
+
}
|
|
133
|
+
|
|
126
134
|
if (debug) {
|
|
127
135
|
logger.debug(`[GlobalProtect] Skipping ${pathname} because it is the loginPath`);
|
|
128
136
|
}
|