From 75fa9ea8590d025519c242acfe0954d90f412bd8 Mon Sep 17 00:00:00 2001 From: Mathieu Virbel Date: Thu, 28 Aug 2025 15:40:38 -0600 Subject: [PATCH] refactor: remove redundant client-side AuthGuard The authentication is already properly handled by Next.js middleware in middleware.ts with LOGIN_REQUIRED_PAGES. The middleware approach is superior as it: - Provides server-side protection before page loads - Prevents flash of unauthorized content - Centralizes auth logic in one place - Better performance (no client-side JS needed) Keep the API hooks conditional to prevent 401 errors before token is ready. --- www/app/(app)/AuthGuard.tsx | 70 ------------------------------------- www/app/(app)/layout.tsx | 3 +- 2 files changed, 1 insertion(+), 72 deletions(-) delete mode 100644 www/app/(app)/AuthGuard.tsx diff --git a/www/app/(app)/AuthGuard.tsx b/www/app/(app)/AuthGuard.tsx deleted file mode 100644 index 19af12e7..00000000 --- a/www/app/(app)/AuthGuard.tsx +++ /dev/null @@ -1,70 +0,0 @@ -"use client"; - -import { useEffect } from "react"; -import { useRouter, usePathname } from "next/navigation"; -import { signIn } from "next-auth/react"; -import useSessionStatus from "../lib/useSessionStatus"; -import { Flex, Spinner } from "@chakra-ui/react"; - -interface AuthGuardProps { - children: React.ReactNode; - requireAuth?: boolean; -} - -// Routes that should be accessible without authentication -const PUBLIC_ROUTES = ["/transcripts/new"]; - -export default function AuthGuard({ - children, - requireAuth = true, -}: AuthGuardProps) { - const { isAuthenticated, isLoading, status } = useSessionStatus(); - const router = useRouter(); - const pathname = usePathname(); - - // Check if current route is public - const isPublicRoute = PUBLIC_ROUTES.some((route) => - pathname.startsWith(route), - ); - - useEffect(() => { - // Don't require auth for public routes - if (isPublicRoute) return; - - // Only redirect if we're sure the user is not authenticated and auth is required - if (!isLoading && requireAuth && status === "unauthenticated") { - // Instead of redirecting to /login, trigger NextAuth signIn - signIn("authentik"); - } - }, [isLoading, requireAuth, status, isPublicRoute]); - - // For public routes, always show content - if (isPublicRoute) { - return <>{children}; - } - - // Show loading spinner while checking authentication - if ( - isLoading || - (requireAuth && !isAuthenticated && status !== "unauthenticated") - ) { - return ( - - - - ); - } - - // If authentication is not required or user is authenticated, show content - if (!requireAuth || isAuthenticated) { - return <>{children}; - } - - // Don't render anything while redirecting - return null; -} diff --git a/www/app/(app)/layout.tsx b/www/app/(app)/layout.tsx index 749ce189..053df5a7 100644 --- a/www/app/(app)/layout.tsx +++ b/www/app/(app)/layout.tsx @@ -6,7 +6,6 @@ import About from "../(aboutAndPrivacy)/about"; import Privacy from "../(aboutAndPrivacy)/privacy"; import UserInfo from "../(auth)/userInfo"; import { RECORD_A_MEETING_URL } from "../lib/constants"; -import AuthGuard from "./AuthGuard"; export default async function AppLayout({ children, @@ -91,7 +90,7 @@ export default async function AppLayout({ - {children} + {children} ); }