
nuxt-users


A comprehensive user management module for Nuxt 3 and Nuxt 4 applications with authentication, authorization, database support, and CLI tools

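import { useRuntimeConfig } from "#app";
import { NO_AUTH_PATHS, NO_AUTH_API_PATHS } from "../constants.js";
import { hasPermission, isWhitelisted } from "../utils/permissions.js";
import { useAuthentication } from "./useAuthentication.js";

/**
 * Composable that answers "which paths are public?" and "which paths can the
 * current user reach?" from the module's public runtime config.
 *
 * Everything here is computed from `useRuntimeConfig().public.nuxtUsers` and the
 * user object exposed by `useAuthentication()`, so the results are only suitable
 * for UI decisions (hiding links, client-side redirects).
 * NOTE(review): server-side enforcement is not visible from this file. Confirm
 * that every protected route and API handler is also checked on the server.
 *
 * @returns {{
 *   getPublicPaths: Function,
 *   getAccessiblePaths: Function,
 *   isPublicPath: Function,
 *   isAccessiblePath: Function
 * }}
 */
export const usePublicPaths = () => {
  const {
    public: { nuxtUsers }
  } = useRuntimeConfig();
  const config = nuxtUsers;
  const apiBasePath = config.apiBasePath || "/api/nuxt-users";
  const { user } = useAuthentication();

  // Built-in unauthenticated API routes, prefixed with the configured base path.
  const buildNoAuthApiPaths = () => NO_AUTH_API_PATHS.map((path) => `${apiBasePath}${path}`);

  // The password reset URL counts as an extra public path only when it differs
  // from the default "/reset-password"; otherwise this returns null.
  const resolveCustomPasswordResetPath = () =>
    config.passwordResetUrl && config.passwordResetUrl !== "/reset-password"
      ? config.passwordResetUrl
      : null;

  /**
   * Lists every explicitly configured public path, grouped by origin.
   * The pattern-based rules applied by `isPublicPath` (paths containing "." and
   * paths starting with "/_") are NOT represented in this list.
   *
   * @returns {{ all: string[], builtIn: { pages: string[], api: string[] },
   *   whitelist: string[], customPasswordResetPath: (string|null), apiBasePath: string }}
   */
  const getPublicPaths = () => {
    const noAuthPaths = [...NO_AUTH_PATHS];
    const noAuthApiPaths = buildNoAuthApiPaths();
    const whitelistedPaths = config.auth?.whitelist || [];
    const customPasswordResetPath = resolveCustomPasswordResetPath();
    const allPublicPaths = [...noAuthPaths, ...noAuthApiPaths, ...whitelistedPaths];
    if (customPasswordResetPath) {
      allPublicPaths.push(customPasswordResetPath);
    }
    return {
      // All truly public paths (no auth required)
      all: allPublicPaths,
      // Categorized public paths
      builtIn: {
        pages: noAuthPaths,
        api: noAuthApiPaths
      },
      whitelist: whitelistedPaths,
      customPasswordResetPath,
      apiBasePath
    };
  };

  /**
   * Lists the public paths plus the paths granted to the current user's role.
   * Without a logged-in user only the public paths are returned.
   *
   * @returns {{ all: string[], public: string[], roleBasedPaths: string[],
   *   userRole: (string|null) }}
   */
  const getAccessiblePaths = () => {
    const publicPaths = getPublicPaths();
    if (!user.value) {
      return {
        all: publicPaths.all,
        public: publicPaths.all,
        roleBasedPaths: [],
        userRole: null
      };
    }
    const userRole = user.value.role;
    const permissions = config.auth?.permissions || {};
    // Own-property lookup: a role string such as "constructor" must not resolve
    // to something inherited from Object.prototype.
    const configured = Object.prototype.hasOwnProperty.call(permissions, userRole)
      ? permissions[userRole]
      : undefined;
    const rolePermissions = Array.isArray(configured) ? configured : [];
    const roleBasedPaths = [];
    for (const permission of rolePermissions) {
      if (typeof permission === "string") {
        roleBasedPaths.push(permission);
      } else if (permission && typeof permission === "object" && permission.path) {
        // The extra truthiness check skips `null` entries: typeof null is "object",
        // and reading `.path` on it would throw.
        roleBasedPaths.push(permission.path);
      }
    }
    return {
      all: [...publicPaths.all, ...roleBasedPaths],
      public: publicPaths.all,
      roleBasedPaths,
      userRole
    };
  };

  /**
   * Reports whether a path needs no authentication at all.
   *
   * @param {string} path - Route or API path to test.
   * @returns {boolean} Result of the built-in rules, else of `isWhitelisted`.
   */
  const isPublicPath = (path) => {
    // NOTE(review): this matches a "." anywhere in the path, not only a file
    // extension in the last segment, so a protected route whose path contains a
    // dot is reported as public. Presumably meant for static assets; confirm the
    // server-side check does not rely on this heuristic alone.
    if (path.includes(".")) {
      return true;
    }
    // Paths under "/_" are always treated as public (presumably framework
    // internals; verify).
    if (path.startsWith("/_")) {
      return true;
    }
    if (NO_AUTH_PATHS.includes(path)) {
      return true;
    }
    if (buildNoAuthApiPaths().includes(path)) {
      return true;
    }
    const customPasswordResetPath = resolveCustomPasswordResetPath();
    if (customPasswordResetPath && path === customPasswordResetPath) {
      return true;
    }
    return isWhitelisted(path, config.auth?.whitelist || []);
  };

  /**
   * Reports whether the current user (or an anonymous visitor) may reach a path.
   * Public paths are always accessible; otherwise the decision is delegated to
   * `hasPermission` for the logged-in user's role.
   *
   * @param {string} path - Route or API path to test.
   * @param {string} [method="GET"] - HTTP method passed through to `hasPermission`.
   * @returns {boolean}
   */
  const isAccessiblePath = (path, method = "GET") => {
    // Reuse isPublicPath so the public-path rules live in one place and the two
    // checks cannot drift apart.
    if (isPublicPath(path)) {
      return true;
    }
    if (user.value) {
      return hasPermission(user.value.role, path, method, config.auth?.permissions || {});
    }
    return false;
  };

  return {
    getPublicPaths,
    getAccessiblePaths,
    isPublicPath,
    isAccessiblePath
  };
};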