selfhostyourtech/reflector
2
0
Fork 0
mirror of https://github.com/Monadical-SAS/reflector.git synced 2025-12-22 13:19:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: prevent unauthorized API calls before authentication

Browse Source 
- Add global AuthGuard component to handle authentication at layout level
- Make all API query hooks conditional on authentication status
- Define public routes (like /transcripts/new) that don't require auth
- Fix login flow to use NextAuth signIn instead of non-existent /login route
- Prevent 401 errors by waiting for auth token before making API calls

Previously, all routes under (app) were publicly accessible with each page
handling auth individually. Now authentication is enforced globally while
still allowing specific routes to remain public.
This commit is contained in:
Mathieu Virbel
2025-08-28 15:35:49 -06:00
parent 0eac7501c5
commit 26154af25c
5 changed files with 144 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
www/app/(app)/layout.tsx
View File

@@ -6,6 +6,7 @@ import About from "../(aboutAndPrivacy)/about";
import Privacy from "../(aboutAndPrivacy)/privacy";
import UserInfo from "../(auth)/userInfo";
import { RECORD_A_MEETING_URL } from "../lib/constants";
import AuthGuard from "./AuthGuard";
export default async function AppLayout({
children,
@@ -90,7 +91,7 @@ export default async function AppLayout({
</div>
</Flex>
{children}
<AuthGuard requireAuth={requireLogin}>{children}</AuthGuard>
</Container>
);
}