Skip to content

Commit

Permalink
feat(security): disable access for anonymous users, when disablePubli…
Browse files Browse the repository at this point in the history 
…cMemos is true (usememos#1966)
  • Loading branch information
@aatumaykin
aatumaykin authored Jul 17, 2023
1 parent 4ac63ba commit e36e582
Show file tree
Hide file tree
Showing 2 changed files with 53 additions and 29 deletions.
28 changes: 16 additions & 12 deletions web/src/components/Header.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,20 +95,24 @@ const Header = () => {
</NavLink>
</>
)}
<NavLink
to="/explore"
id="header-explore"
className={({ isActive }) =>
classNames(
"px-4 pr-5 py-2 rounded-full border flex flex-row items-center text-lg text-gray-800 dark:text-gray-300 hover:bg-white hover:border-gray-200 dark:hover:border-zinc-600 dark:hover:bg-zinc-700",
isActive ? "bg-white dark:bg-zinc-700 border-gray-200 dark:border-zinc-600" : "border-transparent"
)
}
>
{!isVisitorMode && (
<>
<Icon.Hash className="mr-3 w-6 h-auto opacity-70" /> {t("common.explore")}
<NavLink
to="/explore"
id="header-explore"
className={({ isActive }) =>
classNames(
"px-4 pr-5 py-2 rounded-full border flex flex-row items-center text-lg text-gray-800 dark:text-gray-300 hover:bg-white hover:border-gray-200 dark:hover:border-zinc-600 dark:hover:bg-zinc-700",
isActive ? "bg-white dark:bg-zinc-700 border-gray-200 dark:border-zinc-600" : "border-transparent"
)
}
>
<>
<Icon.Hash className="mr-3 w-6 h-auto opacity-70" /> {t("common.explore")}
</>
</NavLink>
</>
</NavLink>
)}

{!isVisitorMode && (
<>
Expand Down
54 changes: 37 additions & 17 deletions web/src/router/index.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,10 +64,14 @@ const router = createBrowserRouter([
}

const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host)) {
return redirect("/auth");
} else if (isNullorUndefined(user)) {
} else if (isNullorUndefined(user) && !systemStatus.disablePublicMemos) {
return redirect("/explore");
} else if (isNullorUndefined(user) && systemStatus.disablePublicMemos) {
return redirect("/auth");
}
return null;
},
Expand All @@ -84,8 +88,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -103,8 +109,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -122,8 +130,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -141,8 +151,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -160,8 +172,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -180,8 +194,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -199,8 +215,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand All @@ -220,8 +238,10 @@ const router = createBrowserRouter([
// do nth
}

const { host } = store.getState().user;
if (isNullorUndefined(host)) {
const { host, user } = store.getState().user;
const { systemStatus } = store.getState().global;

if (isNullorUndefined(host) || (isNullorUndefined(user) && systemStatus.disablePublicMemos)) {
return redirect("/auth");
}
return null;
Expand Down

0 comments on commit e36e582

Please sign in to comment.